Threat Actors Using Telegram APIs To Steal Login Credentials
Threat actors are exploiting Telegram APIs to avoid detection and illicitly obtain users' login credentials.
Be cautious of a phishing email containing a disguised URL (hxxpswwwastunetcom/wp-plug/imu0nni5/3rhenqt2/) that directs you to a deceptive landing page hosted...
Top Phishing Campaigns in July 2024: SharePoint Abuse, DeerStealer, and More
July saw a new influx of phishing and malware campaigns. The analyst team at ANY.RUN sandbox is closely monitoring all developments in the threat landscape and sharing their analysis on X. Here are some...
Cybercriminals Heavily Preparing For 2024 Paris Olympic Games Based Attacks
Major sporting events with massive online audiences, like the World Cup and Olympics, have become magnets for cyberattacks, which are growing rapidly as documented attacks skyrocketed from 212 million at the 2012 Olympics to...
FishXProxy Fuels Phishing Attacks with Clever Deceptive Attacks
Imagine receiving an email that looks legitimate, down to the last detail. This is the deceptive power of the new FishXProxy Phishing Kit, a sophisticated toolkit emerging from underground cybercrime.
With its advanced features, FishXProxy...
4000+ Domains Used By FIN7 Actors Mimic Popular Brands
Russian-linked FIN7 (aka Sangria Tempest, ATK32, Carbon Spider, Coreid, ELBRUS, G0008, G0046, and GOLD NIAGARA) is a financial cybercrime group that has been around since 2013 and it specifically targets the US industries.
To achieve...
Kimsuky Hackers Attacking Organizations Using Weaponized EXE & DOCX Files
Hackers often use EXE and DOCX file formats is due to they are among the most commonly used types of files that can be easily disguised as legitimate.
EXE files can be used to deliver...
Beware Of Malicious PDF Files That Mimic Microsoft 2FA Security Update
Malware authors are exploiting the growing popularity of QR codes to target users through PDF files, where these malicious PDFs, often delivered via email disguised as faxes, contain QR codes that trick users into...
Hackers Breaking Passkeys Using AitM Phishing Attacks
Hackers abuse phishing attacks as they are highly effective and low-cost methods for deceiving users into revealing sensitive information.
Despite the recent surge in passkey adoption by large tech firms, Joe Stewart of Esentire discovered...
SpyMax RAT Attacking Android Users Via Telegram to Evade Detection
Researchers discovered a new Android RAT (Remote Administration Tool) called SpyMax targeting Telegram users. This RAT is particularly dangerous because it doesn't require a rooted device, making it easier to infect victims.
SpyMax steals personal...
Hackers Leveraging CHM Files To Attack Users With Password-Protected Zip Files
Hackers abuse CHM files because they can embed malicious scripts or code within them. Windows systems often trust and execute these files without many security checks.
When the CHM file is opened, it enables...