Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-09 09:06:302024-04-09 09:06:30Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-09 09:06:292024-04-09 09:06:29ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.
Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in
With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself as well.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-09 04:06:372024-04-09 04:06:37Vietnamese Cybercrime Group CoralRaider Nets Financial Data
As manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurity.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-08 23:08:052024-04-08 23:08:05Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-08 21:18:062024-04-08 21:18:06StrikeReady Raises $12M for AI Security Command Platform
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-08 21:18:052024-04-08 21:18:05Home Depot Hammered by Supply Chain Data Breach
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-08 21:18:052024-04-08 21:18:05Wyden Releases Draft Legislation to End Federal Dependence on Insecure, Proprietary Software
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-04-08 20:06:502024-04-08 20:06:50Australian IT Skills Shortage: 2024 Is The Year To Self-Upskill
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing
/in General NewsCybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet
The Hacker News – Read More
ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
/in General NewsCybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
Cyware News – Latest Cyber News – Read More
Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks
/in General NewsThreat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.
Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in
The Hacker News – Read More
Vietnamese Cybercrime Group CoralRaider Nets Financial Data
/in General NewsWith a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself as well.
darkreading – Read More
Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity
/in General NewsAs manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurity.
darkreading – Read More
StrikeReady Raises $12M for AI Security Command Platform
/in General NewsPost Content
darkreading – Read More
Home Depot Hammered by Supply Chain Data Breach
/in General NewsSaaS vendor to blame for exposing employee data that was ultimately leaked on Dark Web forum, according to the home improvement retailer.
darkreading – Read More
Round 2: Change Healthcare Targeted in Second Ransomware Attack
/in General NewsRansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.
darkreading – Read More
Wyden Releases Draft Legislation to End Federal Dependence on Insecure, Proprietary Software
/in General NewsPost Content
darkreading – Read More
Australian IT Skills Shortage: 2024 Is The Year To Self-Upskill
/in General NewsFind out why IT pros in Australia need to take the initiative to self-upskill, and learn how this could lead to salary increases and promotions.
Security | TechRepublic – Read More