breaking news

Dragon Breath APT uses double-dip DLL sideloading strategy

GlobalDefenseBot
3 minutes

An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]

The post Dragon Breath APT uses double-dip DLL sideloading strategy appeared first on Security Affairs.

breaking news

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

GlobalDefenseBot
4 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by […]

The post Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition appeared first on Security Affairs.

breaking news

North Korea-linked Kimsuky APT uses new recon tool ReconShark

GlobalDefenseBot
4 minutes

North Korea-linked APT group Kimsuky has been observed using a new reconnaissance tool dubbed ReconShark in a recent campaign. SentinelOne researchers observed an ongoing campaign from North Korea-linked Kimsuky Group that is using a new malware called ReconShark. The reconnaissance tool is delivered through spear-phishing emails, OneDrive links leading to document weaponized downloads, and the execution of malicious […]

The post North Korea-linked Kimsuky APT uses new recon tool ReconShark appeared first on Security Affairs.

breaking news

Fleckpe Android malware totaled +620K downloads via Google Play Store

GlobalDefenseBot
3 minutes

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps. The malicious campaign […]

The post Fleckpe Android malware totaled +620K downloads via Google Play Store appeared first on Security Affairs.

breaking news

Facebook warns of a new information-stealing malware dubbed NodeStealer

GlobalDefenseBot
4 minutes

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first spotted in late January 2023 while targeting the browsers of Windows systems. It […]

The post Facebook warns of a new information-stealing malware dubbed NodeStealer appeared first on Security Affairs.

Malware Downloads Facilitated by Social Engineering

CySecBot
1 minute

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated willingness to trust communications they receive and to foll…

breaking news

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

GlobalDefenseBot
3 minutes

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector. Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns. The Sandworm group (aka BlackEnergy, UAC-0082, Iron Viking, Voodoo Bear, and TeleBots) has been active since 2000, it operates under the control […]

The post Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector appeared first on Security Affairs.

ChatGPT and other AI-themed lures used to deliver malicious software

CySecBot
1 minute

“Since the beginning of 2023 until the end of April, out of 13,296 new domains created related to ChatGPT or OpenAI, 1 out of every 25 new domains were either malicious or potentially malicious,” Check Point researchers have shared on Tuesd…