Penetration Testing

MAY 14, 2025

Malware authors have begun exploiting Google Calendar invites and Unicode Private Use Area (PUA) characters to deliver obfuscated The post Obfuscated Malware Delivered via Google Calendar Invites and Unicode PUAs appeared first on Daily CyberSecurity.

Malware 102

Malware Cybersecurity 102

Malwarebytes

MARCH 17, 2025

Instead of converting files, the tools actually load malware onto victims computers. The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). This is the actual malware. Imageconvertors[.]com

Malware 140

Malware Adware Education Phishing 140

Penetration Testing

MAY 13, 2025

The Seqrite Labs APT-Team has uncovered a complex cyber-espionage operation dubbed Swan Vector, targeting educational institutions and the The post Swan Vector Espionage Targets Japan & Taiwan with Advanced Malware appeared first on Daily CyberSecurity.

Malware 107

Malware Education Cybersecurity 107

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection 130

Threat Detection Engineering Malware Artificial Intelligence 130

Penetration Testing

MAY 14, 2025

First spotted in 2022 and actively developed ever since, DarkCloud Stealer has reemerged with a sophisticated new variant The post DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics appeared first on Daily CyberSecurity.

Malware 109

Malware Cybersecurity Phishing 109

Tech Republic Security

MAY 13, 2025

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer attackers remote access to infected devices.

Malware 132

Malware Artificial Intelligence Social Engineering Engineering 132

Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The group persistently employs similar techniques in their Android malware.”

Malware 117

Malware Cyber Attacks Mobile Phishing 117

Security Affairs

APRIL 25, 2025

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and a web shell were deployed by exploiting a zero-day vulnerability during attacks on Japanese organizations in December 2024.

Malware 96

Malware Hacking Authentication Cybersecurity 96

Penetration Testing

APRIL 12, 2025

AhnLab Security intelligence Center (ASEC) has revealed a cyberattack campaign where Arabic-speaking attackers are distributing ViperSoftX malware, targeting The post ViperSoftX Malware: Arabic-Speaking Attackers Exploit PowerShell in New Cyberattack Campaign appeared first on Daily CyberSecurity.

Malware 114

Malware Security Intelligence Cybersecurity Software 114

Penetration Testing

MAY 12, 2025

CYFIRMA researchers have revealed a new.NET-based information stealer called PupkinStealer, a lightweight but highly targeted malware that The post PupkinStealer: Tiny Malware, Big Theft via Telegram Bot Exposed appeared first on Daily CyberSecurity.

Malware 93

Malware Cybersecurity 93

SecureWorld News

JANUARY 7, 2025

Cybersecurity in today's world is akin to the enchanted realms of fairy tales, where threats lurk in dark digital forests and heroes wield keyboards instead of swords. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity.

Cybersecurity 113

Cybersecurity Social Engineering Phishing Engineering 113

Schneier on Security

SEPTEMBER 17, 2024

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS.

Malware 307

Malware Social Engineering Engineering Hacking 307

Jane Frankland

MAY 18, 2025

Cybersecurity has entered a new era. In this blog, Ill be examining how AI is reshaping the fight on both sides, shedding light on the unprecedented collaboration among hackers, and why the old cybersecurity playbook is no match for todays challenges. The harsh truth is that no prevention strategy can ever be 100% effective.

Cybersecurity 130

Cybersecurity Ransomware Backups Firewall 130

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. The malware, which cybersecurity company Cleafy calls SuperCard X, uses a feature now found in most Android phones: near-field communication (NFC).

Malware 100

Malware Banking Software Social Engineering 100

Malwarebytes

APRIL 24, 2025

ELUSIVE COMET targets its victims by luring them into a Zoom video call and then taking over their PC to install malware, infiltrate their accounts, and steal their assets. Zoom takeovers in action ELUSIVE COMET tried this trick on the CEO of cybersecurity consulting company Trail of Bits, but it didn’t work on him.

Malware 139

Malware Media Accountability Cryptocurrency 139

Malwarebytes

JANUARY 16, 2025

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers.

Malware 121

Malware DNS Internet Internet 121

Penetration Testing

MAY 7, 2025

Lampion, the banking malware first observed in 2019, has reemerged with new tricks. In a detailed analysis, Unit The post Lampion Malware Returns with ClickFix Tactics to Target Portuguese Sectors appeared first on Daily CyberSecurity.

Malware 94

Malware Banking Cybersecurity 94

Penetration Testing

MAY 14, 2025

The ReversingLabs research team has uncovered yet another software supply chain attack targeting the cryptocurrency ecosystem, this time The post PyPI Malware Alert: Malicious ‘solana-token’ Package Targets Solana Developers appeared first on Daily CyberSecurity.

Malware 92

Malware Cryptocurrency Software Cybersecurity 92

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity 130

Cybersecurity Social Engineering Technology Threat Detection 130

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration.

Malware 85

Malware Social Engineering Engineering Government 85

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 88

Malware Phishing Telecommunications Retail 88

SecureWorld News

OCTOBER 23, 2024

Securities and Exchange Commission (SEC) announced Tuesday that it has fined four companies $7 million for misleading statements about their cybersecurity incidents, particularly concerning the high-profile 2019 SolarWinds hack. The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions."

Cybersecurity 113

Cybersecurity Risk Hacking Software 113

Penetration Testing

MAY 9, 2025

A new cyberattack is targeting macOS users, with the Atomic Stealer malware being distributed under the guise of The post Atomic Stealer Malware Targets macOS Users with Fake Evernote Crack appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity 78

Penetration Testing

MAY 12, 2025

Palo Alto Networks Unit 42 has uncovered a sophisticated obfuscation technique leveraging steganography to hide malware within bitmap The post Stealth in Pixels: NET Malware Hides Payloads in Bitmap Resources appeared first on Daily CyberSecurity.

Malware 80

Malware Cybersecurity 80

Penetration Testing

MAY 18, 2025

Aidan Leon, cybersecurity practitioner and threat analyst at ZeroDay Labs, has disclosed a sophisticated supply chain attack involving The post RVTools Supply Chain Attack: Bumblebee Malware Delivered via Trusted VMware Utility appeared first on Daily CyberSecurity.

Malware 78

Malware Cybersecurity 78

The Last Watchdog

DECEMBER 18, 2024

Wojtasiak Mark Wojtasiak , VP of Research and Strategy, Vectra AI In the coming year, well see the initial excitement that surrounded AIs potential in cybersecurity start to give way due to a growing sense of disillusionment among security leaders. The SEC Cybersecurity Disclosure Rule highlights transparency in governance.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

Malwarebytes

MAY 1, 2025

Without robust IT budgets or fully staffed cybersecurity departments, small businesses often rely on their own small stable of workers (including sole proprietors with effectively zero employees) to stay safe online. That means that what worries these businesses most in cybersecurity is what is most likely to work against them.

Small Business 94

Small Business Cybersecurity Passwords Scams 94

Penetration Testing

MAY 18, 2025

Recently, WithSecures Threat Intelligence team uncovered a sophisticated malware campaign where the open-source password manager KeePass was trojanised The post Trojanized KeePass Used to Deploy Cobalt Strike and Steal Credentials appeared first on Daily CyberSecurity.

Password Management 138

Password Management Passwords Malware Cybersecurity 138

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Penetration Testing

MAY 15, 2025

Zscaler ThreatLabz has uncovered a new and dangerous malware loader dubbed TransferLoader, actively used in the wild since The post TransferLoader Malware Unmasked: IPFS-Enabled Loader Deploys Ransomware and Backdoors with Obfuscation Precision appeared first on Daily CyberSecurity.

Malware 78

Malware Ransomware Cybersecurity 78

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Below is an exhaustive list of key cybersecurity trends to watch out for in 2025. Lets explore the top current cybersecurity trends this year. The challenge?

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Penetration Testing

MAY 13, 2025

In a recent investigation, FortiGuard Labs has exposed a sophisticated phishing campaign distributing the Horabot malware family, a The post Horabot Malware Targets Latin America with Sophisticated Phishing appeared first on Daily CyberSecurity.

Phishing 71

Phishing Malware Cybersecurity 71

The Hacker News

MAY 14, 2025

Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.

Phishing 85

Phishing Malware Cybersecurity 85

Krebs on Security

NOVEMBER 12, 2024

Ben McCarthy , lead cybersecurity engineer at Immersive Labs , called special attention to CVE-2024-43602 , a remote code execution vulnerability in Windows Kerberos , the authentication protocol that is heavily used in Windows domain networks. “This is one of the most threatening CVEs from this patch release,” McCarthy said.

Authentication 272

Authentication Engineering Malware Passwords 272

IT Security Guru

MARCH 26, 2025

This transformation comes with immense responsibility from our business, IT and especially cybersecurity professionals to keep data safe and their colleagues, friends and family members protected from fraud and intrusion of privacy. With AI evolving rapidly, what new cybersecurity challenges will IT professionals need to tackle?

Cybersecurity 113

Cybersecurity Encryption Threat Detection Authentication 113

Jane Frankland

APRIL 10, 2025

Just like the three wise monkeys , some small business owners are unintentionally following a philosophy of see no risk, hear no warning, speak no threat when it comes to cybersecurity. In the context of cybersecurity, its a silent enabler for hackers who thrive on unguarded systems and untrained staff.

Small Business 130

Small Business Risk Cybersecurity Cyber Risk 130

SecureWorld News

FEBRUARY 25, 2025

Artificial intelligence (AI) is transforming industries at an unprecedented pace, and its impact on cybersecurity is no exception. From automating cybersecurity defenses to combatting adversarial AI threats, the report underscores both the power and pitfalls of AI-driven security.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95