Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Sep 25, 2024Ravie LakshmananEmail Security / Threat Intelligence Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many as 15 breached email accounts have been identified as used…

Read More

How Do I Protect Myself When Using Wi-Fi? | McAfee Blog

How Do I Protect Myself When Using Wi-Fi? | McAfee Blog

Wi-Fi is everywhere. Whether you travel for business or simply need Internet access while out and about, your options are plentiful. You can sign on at airports, hotels, coffee shops, fast food restaurants, and now, even airplanes. Wi-Fi wasn’t born to be secure; it was born to be convenient. Wireless networks broadcast messages using radio and are therefore more susceptible to eavesdropping than wired networks. Today, with criminal hackers as sophisticated as ever, if you…

Read More

New APT Group

New APT Group

Jul 08, 2024NewsroomCyber Espionage / Cloud Security A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed out the differences in the malware source code. The attacks wield an innovative data-gathering program…

Read More

How to Protect Yourself from Vishing | McAfee Blog

How to Protect Yourself from Vishing | McAfee Blog

“Vishing” occurs when criminals cold-call victims and attempt to persuade them to divulge personal information over the phone. These scammers are generally after credit card numbers and personal identifying information, which can then be used to commit financial theft. Vishing can occur both on your landline phone or via your cell phone. The term is a combination of “voice,” and “phishing,” which is the use of spoofed emails to trick targets into clicking malicious links….

Read More

How To Prevent Your Emails From Being Hacked | McAfee Blog

How To Prevent Your Emails From Being Hacked | McAfee Blog

My mother recently turned 80, so of course a large celebration was in order. With 100 plus guests, entertainment, and catering to organise, the best way for me to keep everyone updated (and share tasks) was to use Google Docs. Gee, it worked well. My updates could immediately be seen by everyone, the family could access it from all the devices, and it was free to use! No wonder Google has a monopoly on drive…

Read More

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

Mar 05, 2024NewsroomEmail Security / Network Security The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this approach were observed on February 26 and 27,…

Read More

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files. “The PDFs contained OneDrive URLs that, if clicked, initiated a multi-step infection chain eventually leading to the malware payload, a…

Read More

New Campaign Targets Middle East Governments with IronWind Malware

New Campaign Targets Middle East Governments with IronWind Malware

Nov 14, 2023NewsroomCyber Espionage / Threat Intelligence Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under the name TA402, which is also known as Molerats, Gaza Cyber Gang, and shares tactical overlaps with a pro-Hamas hacking crew known as…

Read More

New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

Sep 27, 2023THNMalware / Cyber Threat A new malware strain called ZenRAT has emerged in the wild that’s distributed via bogus installation packages of the Bitwarden password manager. “The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page,” enterprise security firm Proofpoint said in a technical report. “The malware is a modular remote access trojan (RAT) with information stealing capabilities.” ZenRAT is hosted on fake websites…

Read More

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

Sep 20, 2023THNMalware Attack / Cyber Threat Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. “Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity,” enterprise security firm Proofpoint said in a report shared with The Hacker News. The activity, observed since early 2023, entails sending email messages containing…

Read More
1 2 3