Blog
Washington DC-Based Group Targeted in Apparent Pegasus Hack
Researchers have claimed that an individual employed by a Washington DC-based organization with international offices was targeted with the Pegasus spyware, raising new concerns about the proliferation of spyware that can infect Apple devices.
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of...
W3LL Panel Phishing Kit Used to Hijack Over 56,000 Microsoft 365 Accounts
W3LL, an initially obscure threat group, has transformed into a significant player in the cyber underworld, selling a phishing kit called W3LL Panel and 16 specialized tools for BEC attacks. Group-IB identified close to 850 unique phishing websites attributed to the...
W3LL Panel Phishing Kit Used to Hijack Over 56,000 Microsoft 365 Accounts
W3LL, an initially obscure threat group, has transformed into a significant player in the cyber underworld, selling a phishing kit called W3LL Panel and 16 specialized tools for BEC attacks. Group-IB identified close to 850 unique phishing websites attributed to the...
Crypto Phishing Attacks Abuse Google Looker Studio
Cybercriminals were observed exploiting Google Looker Studio to create counterfeit cryptocurrency phishing websites. Through this, attackers aim to deceive recipients into revealing their crypto wallet login details. Check Point recommends implementing a comprehensive...
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious...
CISA Adds Critical RocketMQ Bug to Must-Patch List
The CISA added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected systems, although private enterprises are encouraged to follow suit.
CISA Adds Critical RocketMQ Bug to Must-Patch List
The CISA added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected systems, although private enterprises are encouraged to follow suit.
CISA Adds Critical RocketMQ Bug to Must-Patch List
The CISA added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected systems, although private enterprises are encouraged to follow suit.
CISA Adds Critical RocketMQ Bug to Must-Patch List
The CISA added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected systems, although private enterprises are encouraged to follow suit.
FREE GUIDE