Collaborate Disseminate
An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December. Continue reading Emotet Now Spreading Through Malicious Excel Files
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense.
Continue reading TA2541: APT Has Been Shooting RATs at Aviation for Years
A memory issue affects myriad iPhone, iPad and MacOS devices and allows attackers to execute arbitrary code after processing malicious web content.
Continue reading Apple Patches Actively Exploited WebKit Zero Day
The plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said.
Continue reading PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE
Researchers from Proofpoint have spotted a new Middle East-targeted phishing campaign that delivers a novel malware dubbed NimbleMamba. Continue reading MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign
Attackers infiltrated the media giant’s network using BEC, while Microsoft moved to stop such attacks by blocking VBA macros in 5 Windows apps. Included: more ways to help stop BEC.
Continue reading China Suspected of News Corp Cyberespionage Attack
The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software. Continue reading Attackers Target Intuit Users by Threatening to Cancel Tax Accounts
Attackers are using socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines.
Continue reading PowerPoint Files Abused to Take Over Computers
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors. Continue reading Thousands of Malicious npm Packages Threaten Web Apps
The notorious Iranian APT is fortifying its arsenal with new malicious tools and evasion tactics and may even be behind the Memento ransomware.
Continue reading Charming Kitten Sharpens Its Claws with PowerShell Backdoor