Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. “The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox Read more…

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed. “The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” Read more…

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm Securonix is tracking the activity under the name DEV#POPPER, linking it to North Korean Read more…

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu. “The PhantomBlu operation introduces a Read more…

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system. “While ‘command-not-found’ serves as a convenient tool for suggesting installations Read more…

Malicious Google Ads Trick WinSCP Users into Installing Malware

Malicious Google Ads Trick WinSCP Users into Installing Malware

Malicious Google Ads Trick WinSCP Users into Installing Malware î ‚Nov 17, 2023î „NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity Read more…