Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains. ‘Darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more than 20,000 phishing domains that provide cyber criminals with easy access to branded phishing campaigns. Rather than the more typical PHP, the platform uses many tools that high-tech startups employ, including JavaScript, React, Docker,
All Articles (2531)
Generative AI (GenAI) technologies have introduced a new era of innovation, offering organizations unprecedented capabilities to create, automate, and optimize. With these advancements come complex challenges surrounding intellectual property (IP) management. In a post-ChatGPT world, businesses find themselves at a crossroads, needing to adapt their IP strategies to safeguard their assets effectively.
See: https://redskyalliance.org/xindustry/chatgpt-review
GenAI technologies possess the dual
In 2023, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers. ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files. It offers several options to manipulate malware, making it more challenging for antivirus products to detect. Analysts recently discovered a threat actor distributing a phishing email containing malicious Scalable Vector Graphics (SVG) f
With supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations. The current US administration's recent Executive Order to fortify the cybersecurity of US ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually. This initiative
AI might not be coming for all jobs, but it might be coming for some. UPS’s (https://www.ups.com) largest layoff in its 116-year history was the result of, in part, new technologies, including AI, CEO Carol Tomé said during an earnings call in February 2024. Meanwhile, IBM plans to pause hiring for roles it thinks could soon be automated by AI, CEO Arvind Krishna told Bloomberg in 2023.
Workers are not optimistic about the future. In a recent survey from McKinsey, 25% of business professional
Eclipse attacks are a special type of cyberattack where an attacker creates an artificial environment around one node, or user, which allows the attacker to manipulate the affected node into wrongful action. By isolating a target node from its legitimate neighboring nodes, eclipse attacks can produce illegitimate transaction confirmations, among other effects on the network. While these types of attacks isolate individual nodes, the effectiveness of eclipse attacks at disrupting network nodes a
The use of computers has significantly improved the transportation industry over the past few decades. Digitizing documents, automating payments, and storing information in a central location has streamlined processes and made the job easier at all levels. Unfortunately, it has also opened up the industry to cyberattacks from hackers and other forms of cybercrime. These attacks are designed to take money or information from a company or otherwise disrupt its operations. A 2021 study showed th
Red teaming is everywhere. The offensive security testing method is mentioned a dozen times in the recent artificial intelligence (AI) executive order released by President Joe Biden and accompanying draft guidance for United States’ federal agencies—and it’s a hot topic for global industry leaders and governments alike.
In the European Union, there’s a call to conduct adversarial testing in the interests of greater transparency and reporting. The Canadian government and Australian Signals Dir
Data security continues to cause angst and thus the US House of Representatives has reportedly banned congressional staffers from using Microsoft’s AI coding assistant, Copilot. This comes just weeks after Microsoft announced the official public release of AI Copilot on 14 March 2024.
The ban, implemented by the House’s Chief Administrative Officer Catherine Szpindor, reportedly stems from concerns about potential data leakage. According to Axios, Szpindor’s office believes AI Copilot “poses a
How was your Easter bank holiday? Did you use it well by, for instance, preventing a globally destructive cyber-attack? No? Try harder, then. Last weekend, a cautious, longstanding and very nearly successful attempt to insert a backdoor into a widely used piece of open-source software was thwarted, effectively by accident. Below is from Ars Technica.[1] Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those f
Let’s face it, we are all aware of the ever-increasing cyber risk in both our personal lives, workplace and wider society. As consumers we hand over ever-increasing volumes of valuable personal data in the expectation that organizations will invest in robust cyber security to protect it and keep it secure. Legislation also exists to drive standards through UK General Data Protection Regulation (GDPR) with the potential for up to a 4 per cent fine on global turnover for companies failing to adh
Phishing-as-a-service, or PhaaS, is a cyber threat subscription service, much like any number of other “as a service” types you may be familiar with, such as ransomware-as-a-service. One of the noted early pioneers of this model is BulletProofLink. This operation was taken down by Malaysian law enforcement in November of last year in collaboration with the Australian Federal Police and the FBI.
The general idea of phishing-as-a-service is that service providers are offering ready-to-use phis
Apple's latest acquisition of yet another AI startup provides insight into the tech giant's plans for artificial intelligence in 2024. The startup, DarwinAI, is a Canadian visual quality inspection business that has developed ways to make AI systems smaller and more efficient. Apple’s CEO Tim Cook has vowed to share more details about the company's AI advancements in 2024, and this latest acquisition of a company that makes AI systems run efficiently on smaller devices could reinforce the idea
ANY.RUN,[1] the interactive malware sandbox provider, has issued a warning about BunnyLoader, a rapidly evolving malware written in C/C++. The new version, BunnyLoader 3.0, boasts enhanced capabilities and requires users and organizations to be more vigilant than ever.
Released just in September 2023, BunnyLoader's malicious functions range from exfiltrating credentials to stealing cryptocurrency wallets and dropping additional malware.
Here are some of the key changes introduced in BunnyLoader
The Checkmarx Research team recently discovered an attack campaign targeting the software supply chain, with evidence of successful exploitation of multiple victims. These include the Top.gg GitHub organization (a community of over 170k users) and several individual developers. The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python mirror, and publishing malicious
Most attempts at building a humanoid robot, such as Tesla's Optimus, focus on assisting humans with physical, manual tasks. A company called Figure, https://www.figure.ai, is among the AI robotics startups unsatisfied with just movement. Figure is trying to take its humanoid robots to the next level by integrating language, and the results are quite impressive. Figure has designed its robots for the human world, using the human form. Their robot, Figure 1, combines the human form's
Beginning 7 March 2024, EclecticIQ analysts identified an uncategorized threat actor that utilized a modified version of the open-source information stealer HackBrowserData[1] to target Indian government entities and the energy sector. The information stealer was delivered via a phishing email, masquerading as an invitation letter from the Indian Air Force. The attacker utilized Slack channels as exfiltration points to upload confidential internal documents, private email messages, and cached web b
Meta’s decision to close its CrowdTangle division, a tool that tracks content across social media, has raised the ire of more than 100 research and advocacy groups who say it will make it harder to fight disinformation.
Groups including the Mozilla Foundation, the Center for Democracy and Technology and Access Now sent the social media behemoth an open letter Thursday decrying the decision to shutter the unit in August, asking Meta to, at a minimum, invest in CrowdTangle through January. Meta a
On 16 March 2024, Sentinel Labs identified a suspicious Linux binary uploaded from Ukraine. Initial analysis showed surface similarities with the infamous AcidRain wiper used to disable KA-SAT modems across Europe at the start of the Russian invasion of Ukraine (commonly identified by the ‘Viasat hack’ misnomer). Since our initial finding, no similar samples or variants have been detected or publicly reported until now. This new sample is a confirmed variant called ‘AcidPour’, a wiper with si
A sophisticated Brazilian banking Trojan uses a novel method to hide its presence on Android devices. A multi-tooled Trojan cuts apart Brazil's premier wire transfer app. Could similar malware do the same to Venmo, Zelle, or PayPal?
"PixPirate" is multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly three years old, it is already integr