Mastouille

0 message0 participant0 message aujourd’hui

ESET Research<a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ClickFix</a> went from virtually non-existent to the second most common attack vector blocked by <a href="https://infosec.exchange/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a>, surpassed only by <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phishing</a>. This novel social engineering technique accounted for nearly 8% of all detections in H1 2025. <a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESETresearch</a> ClickFix lures users by displaying bogus error messages followed by quick fix instructions, including copy-pasting malicious code. Running the code in the victim’s command line interpreter delivers malware such as <a href="https://infosec.exchange/tags/RATs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RATs</a>, infostealers, and cryptominers. Between H2 2024 and H1 2025, ESET’s detection for ClickFix, HTML/FakeCaptcha, skyrocketed by 517%. Most detections in ESET telemetry were reported from Japan (23%), Peru (6%), and Poland, Spain, and Slovakia (>5% each). What makes <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ClickFix</a> so effective? The fake error message looks convincing; instructions are simple, yet the copied command is too technical for most users to understand. Pasting it into cmd leads to compromise with final payloads, including <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> or <a href="https://infosec.exchange/tags/LummaStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LummaStealer</a>. While <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ClickFix</a> was introduced by cybercriminals, it’s since been adopted by APT groups: Kimsuky, Lazarus; Callisto, Sednit; MuddyWater; APT36. NK-aligned actors used it to target developers, steal crypto and passwords from Metamask and <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#macOS</a> Keychain. <a href="https://infosec.exchange/tags/ClickFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ClickFix</a> uses psychological manipulation by presenting fake issues and offering quick solutions, which makes it dangerously efficient. It appears in many forms – error popups, email attachments, fake reCAPTCHAs – highlighting the need for greater vigilance online. Read more in the <a href="https://infosec.exchange/tags/ESETThreatReport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESETThreatReport</a>: 🔗 <a href="https://welivesecurity.com/en/eset-research/eset-threat-report-h1-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://welivesecurity.com/en/eset-research/eset-threat-report-h1-2025</a>

RedhotcyberDarkGate: Il Malware che si Adatta per Sconfiggere i Sistemi di SicurezzaIl <a href="https://mastodon.bida.im/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://mastodon.bida.im/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a>, distribuito utilizzando il <a href="https://mastodon.bida.im/tags/modello" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#modello</a> <a href="https://mastodon.bida.im/tags/MaaS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MaaS</a> (Malware-as-a-Service), ha cambiato il metodo di erogazione delle fasi finali, passando dagli script <a href="https://mastodon.bida.im/tags/AutoIt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AutoIt</a> al meccanismo <a href="https://mastodon.bida.im/tags/AutoHotkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AutoHotkey</a>.<a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redhotcyber</a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#online</a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#it</a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ai</a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://mastodon.bida.im/tags/innovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#innovation</a> <a href="https://mastodon.bida.im/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.bida.im/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technology</a> <a href="https://mastodon.bida.im/tags/engineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#engineering</a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> <a href="https://mastodon.bida.im/tags/intelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#intelligence</a> <a href="https://mastodon.bida.im/tags/intelligenzaartificiale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#intelligenzaartificiale</a> <a href="https://mastodon.bida.im/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecurity</a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ethicalhacking</a> <a href="https://mastodon.bida.im/tags/dataprotection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataprotection</a> <a href="https://mastodon.bida.im/tags/cybersecurityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurityawareness</a> <a href="https://mastodon.bida.im/tags/cybersecuritytraining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecuritytraining</a> <a href="https://mastodon.bida.im/tags/cybersecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecuritynews</a> <a href="https://mastodon.bida.im/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a><a href="https://www.redhotcyber.com/post/darkgate-il-malware-che-si-adatta-per-sconfiggere-i-sistemi-di-sicurezza/" rel="nofollow noopener noreferrer" target="_blank">https://www.redhotcyber.com/post/darkgate-il-malware-che-si-adatta-per-sconfiggere-i-sistemi-di-sicurezza/</a>

BradFrom a social media post I wrote for my employer at ttps://www.linkedin.com/posts/unit42_darkgate-timelythreatintel-unit42threatintel-activity-7196580114761928704-Nblk/ and <a href="https://twitter.com/Unit42_Intel/status/1790814496845394110" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twitter.com/Unit42_Intel/status/1790814496845394110</a>2024-05-14 (Tuesday): <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> activity. HTML file asks victim to paste script into a run window. Indicators available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-05-14-IOCs-for-DarkGate-activity.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-05-14-IOCs-for-DarkGate-activity.txt</a>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pcap</a> of the <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> infection traffic and the associated malware/artifacts are available at <a href="https://malware-traffic-analysis.net/2024/05/14/index.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://malware-traffic-analysis.net/2024/05/14/index.html</a>

RedhotcyberDarkGate: il malware che sfrutta gli 0day di Windows e amplia la sua diffusione con Google ADSA metà gennaio, i <a href="https://mastodon.bida.im/tags/ricercatori" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ricercatori</a> di sicurezza di TrendMicro hanno notato una nuova campagna su larga scala per distribuire il <a href="https://mastodon.bida.im/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://mastodon.bida.im/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a>. Tale <a href="https://mastodon.bida.im/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> sfruttando una <a href="https://mastodon.bida.im/tags/vulnerabilit%C3%A0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilità</a> di sicurezza recentemente corretta in <a href="https://mastodon.bida.im/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://mastodon.bida.im/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a>, ancor prima che fosse patchata.<a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redhotcyber</a> <a href="https://mastodon.bida.im/tags/online" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#online</a> <a href="https://mastodon.bida.im/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#it</a> <a href="https://mastodon.bida.im/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#web</a> <a href="https://mastodon.bida.im/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ai</a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://mastodon.bida.im/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> <a href="https://mastodon.bida.im/tags/intelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#intelligence</a> <a href="https://mastodon.bida.im/tags/intelligenzaartificiale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#intelligenzaartificiale</a> <a href="https://mastodon.bida.im/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecurity</a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ethicalhacking</a> <a href="https://mastodon.bida.im/tags/dataprotection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dataprotection</a> <a href="https://mastodon.bida.im/tags/cybersecurityawareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurityawareness</a> <a href="https://mastodon.bida.im/tags/cybersecuritytraining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecuritytraining</a> <a href="https://mastodon.bida.im/tags/cybersecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecuritynews</a> <a href="https://mastodon.bida.im/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a><a href="https://www.redhotcyber.com/post/darkgate-il-malware-che-sfrutta-gli-0day-di-windows-e-amplia-la-sua-diffusione-con-google-ads/" rel="nofollow noopener noreferrer" target="_blank">https://www.redhotcyber.com/post/darkgate-il-malware-che-sfrutta-gli-0day-di-windows-e-amplia-la-sua-diffusione-con-google-ads/</a>

ricardo :mastodon:Hackers exploit <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> SmartScreen flaw to drop <a href="https://fosstodon.org/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> malware ⚠️ <a href="https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-smartscreen-flaw-to-drop-darkgate-malware/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-smartscreen-flaw-to-drop-darkgate-malware/</a>

BradSocial media post I wrote for my employer, available at <a href="https://www.linkedin.com/posts/unit42_darkgate-unit42threatintel-timelythreatintel-activity-7156413691289116672-W3GG" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/posts/unit42_darkgate-unit42threatintel-timelythreatintel-activity-7156413691289116672-W3GG</a> and <a href="https://twitter.com/Unit42_Intel/status/1750648073603125757" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twitter.com/Unit42_Intel/status/1750648073603125757</a>2024-01-25 (Thursday): <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> active again this week. IOCs from an infection run earlier today are available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-01-25-IOCs-for-DarkGate-activity.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-01-25-IOCs-for-DarkGate-activity.txt</a>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pcap</a> of the infection traffic, along with the associated malware and artifacts from a <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> infection are available at <a href="https://www.malware-traffic-analysis.net/2024/01/25/index.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.malware-traffic-analysis.net/2024/01/25/index.html</a>

Valéry Rieß-Marchive :verified:🚨 Attention aux menaces en ligne ! DarkGate, un malware polyvalent découvert en 2018, se propage via des fichiers torrent et échappe à la détection antivirus, capable de miner des cryptomonnaies, voler des données et contrôler à distance les postes de travail. 🕵️‍♂️ Avec des techniques de distribution en constante évolution, allant de l'hameçonnage aux fausses mises à jour, DarkGate se révèle être un outil de choix pour les cybercriminels, proposé même en tant que service sur des forums clandestins. 🛡️ Restez vigilants et informés pour protéger vos données et systèmes. <a href="https://infosec.exchange/tags/Cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersécurité</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> <a href="https://www.lemagit.fr/conseil/DarkGate-ce-quil-faut-savoir-sur-ce-maliciel" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.lemagit.fr/conseil/DarkGate-ce-quil-faut-savoir-sur-ce-maliciel</a>

Selena LarsonWe just published details on a new  activity cluster we are temporarily calling <a href="https://mastodon.social/tags/BattleRoyal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BattleRoyal</a>. It started distributing <a href="https://mastodon.social/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> using distinct GroupIDs from Sept - Nov, then switched to <a href="https://mastodon.social/tags/NetSupport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetSupport</a>. Delivery methods include email and fake update lures <a href="https://www.proofpoint.com/us/blog/threat-insight/battleroyal-darkgate-cluster-spreads-email-and-fake-browser-updates" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.proofpoint.com/us/blog/threat-insight/battleroyal-darkgate-cluster-spreads-email-and-fake-browser-updates</a>

Sekoia.io<a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> gained popularity among threat actors (e.g: <a href="https://infosec.exchange/tags/TA577" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TA577</a>, <a href="https://infosec.exchange/tags/DuckTail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DuckTail</a>), our <a href="https://infosec.exchange/tags/RE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RE</a> analysis details the internals of the malware, how it implements technique to evade defenses: Union-API, token theft via UpdateProcThreadAttribute, APC injection.<a href="https://blog.sekoia.io/darkgate-internals/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.sekoia.io/darkgate-internals/</a>

BradPost I wrote for my employer at <a href="https://www.linkedin.com/posts/unit42_darkgate-timelythreatintel-wireshark-activity-7123453508560797697--dJn" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/posts/unit42_darkgate-timelythreatintel-wireshark-activity-7123453508560797697--dJn</a> and <a href="https://twitter.com/Unit42_Intel/status/1717687387025809465" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twitter.com/Unit42_Intel/status/1717687387025809465</a>2023-10-25 (Wednesday): <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> malware distributed through fake invoice/billing emails with PDF attachments that spoof DocuSign.As early as last week, these DarkGate loaders stopped retrieving a copy of Autoit3.exe and the .au3 file from the C2 server. Now, the copy of Autoit3.exe and the .au3 file is contained within a zip-ed .msi file that's hosted on a separate server.The loader for DarkGate now grabs that .msi file instead.We'll see how long that lasts.Indicators from an infection run are available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2023-10-25-IOCs-from-DarkGate-activity.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2023-10-25-IOCs-from-DarkGate-activity.txt</a>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pcap</a> of the infection traffic, along with the associated malware/artifacts are now available at <a href="https://malware-traffic-analysis.net/2023/10/25/index.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://malware-traffic-analysis.net/2023/10/25/index.html</a>

crep1xFake sites impersonating Zoom download page distributes <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> Loader: zoomadvertisingofferr.]com zoomadvertisingooffer.]comDarkGate C2: 81.19.135.]17 (likely <a href="https://infosec.exchange/tags/TA577" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TA577</a> payload, A1111 botnet)hxxps://zoomadvertisingofferr.]com/ZoomInstaller.msi<a href="https://tria.ge/231021-dsawbaec67" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tria.ge/231021-dsawbaec67</a>

Xavier «X» Santolaria :verified_paw: :donor:📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> list of resources for week #42/2023 is out! It includes the following and much more:➝ 🔓 👀 Tracking Unauthorized Access to <a href="https://infosec.exchange/tags/Okta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Okta</a>'s Support System ➝ 🔓 🇯🇵 <a href="https://infosec.exchange/tags/Casio" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Casio</a> discloses <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> impacting customers in 149 countries ➝ 🔓 🧬 Hacker leaks millions more <a href="https://infosec.exchange/tags/23andMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#23andMe</a> user records on <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> forum ➝ 🔓 🇨🇳 D-Link confirms data breach after employee <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phishing</a> attack ➝ 🔓 💰 <a href="https://infosec.exchange/tags/Equifax" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Equifax</a> Fined $13.5 Million Over 2017 Data Breach ➝ 🇺🇦 🧹 Ukrainian activists hack Trigona <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> gang, wipe servers ➝ 🇺🇸 🇰🇵 FBI: Thousands of Remote IT Workers Sent Wages to <a href="https://infosec.exchange/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NorthKorea</a> to Help Fund Weapons Program ➝ 🇮🇳 ☁️ <a href="https://infosec.exchange/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#India</a> targets <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a>, <a href="https://infosec.exchange/tags/Amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Amazon</a> tech support <a href="https://infosec.exchange/tags/scammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#scammers</a> in nationwide crackdown ➝ 🇵🇸 🇮🇷 <a href="https://infosec.exchange/tags/Hamas" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hamas</a>-linked app offers window into cyber infrastructure, possible links to Iran ➝ 👮🏻‍♂️ 🥷🏻 Police seize <a href="https://infosec.exchange/tags/RagnarLocker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RagnarLocker</a> leak site ➝ 🇰🇵 North Korean Hackers Exploiting Recent <a href="https://infosec.exchange/tags/TeamCity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TeamCity</a> Vulnerability ➝ 🇨🇳 🇷🇺 <a href="https://infosec.exchange/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#China</a> replaces <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> as top <a href="https://infosec.exchange/tags/cyberthreat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberthreat</a> ➝ 🇺🇦 📡 CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks ➝ 🇫🇷 🇪🇸 <a href="https://infosec.exchange/tags/France" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#France</a> frees the two biggest Spanish hackers ➝ 🇺🇸 ⚓️ Ex-Navy IT head gets 5 years for selling people’s data on <a href="https://infosec.exchange/tags/darkweb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#darkweb</a> ➝ 🇨🇭 🗳️ <a href="https://infosec.exchange/tags/Switzerland" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Switzerland</a>’s e-voting system has predictable implementation blunder ➝ 🔓 🏭 Critical Vulnerabilities Expose <a href="https://infosec.exchange/tags/Weintek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Weintek</a> HMIs to Attacks ➝ 🔓 🏭 <a href="https://infosec.exchange/tags/Milesight" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Milesight</a> Industrial Router <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> Possibly Exploited in Attacks ➝ 🦠 🇻🇳 Fake <a href="https://infosec.exchange/tags/Corsair" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Corsair</a> job offers on <a href="https://infosec.exchange/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinkedIn</a> push <a href="https://infosec.exchange/tags/DarkGate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DarkGate</a> malware ➝ 🦠 Google-hosted <a href="https://infosec.exchange/tags/malvertising" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malvertising</a> leads to fake <a href="https://infosec.exchange/tags/Keepass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keepass</a> site that looks genuine ➝ 🦠 💬 <a href="https://infosec.exchange/tags/Discord" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Discord</a> still a hotbed of <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> activity — Now APTs join the fun ➝ 🦠 🕵🏻‍♂️ SpyNote: Beware of This Android <a href="https://infosec.exchange/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> that Records Audio and Phone Calls ➝ 🛍️ 🦠 <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> will now scan sideloaded apps for malware at install time ➝ 💬 🔐 <a href="https://infosec.exchange/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WhatsApp</a> <a href="https://infosec.exchange/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passkeys</a> on the way, but as usual, for Android first ➝ 🇷🇺 🗂️ Pro-Russian Hackers Exploiting Recent <a href="https://infosec.exchange/tags/WinRAR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WinRAR</a> Vulnerability in New Campaign ➝ 🗓️ ❌ Signal Pours Cold Water on Zero-Day Exploit Rumors ➝ 🔓 💥 <a href="https://infosec.exchange/tags/Cisco" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cisco</a> warns of new <a href="https://infosec.exchange/tags/IOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOS</a> XE <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zeroday</a> actively exploited in attacks📚 This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas DownerSubscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecMASHUP</a> newsletter to have it piping hot in your inbox every week-end ⬇️<a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-week-422023" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec-mashup.santolaria.net/p/infosec-mashup-week-422023</a>

John LeonardVietnamese hackers attack UK, US and Indian targets with DarkGate malwareVictims lured to download infected documents offering job descriptions and salary details <a href="https://www.computing.co.uk/news/4137089/vietnamese-hackers-attack-uk-us-india-darkgate-malware" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.computing.co.uk/news/4137089/vietnamese-hackers-attack-uk-us-india-darkgate-malware</a><a href="https://mastodon.social/tags/technews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technews</a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technology</a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/darkgate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#darkgate</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#darkgate