Infosec News

InfoSec News 20250212

  • Publicado: Qua, 12/02/2025 - 15:13

Top News

  • North Korea-linked APT Emerald Sleet is using a new tactic

"Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell."

Link

TLP1 : Green

InfoSec News 20250211

  • Publicado: Ter, 11/02/2025 - 14:52

Top News

  • Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

"Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores."

Link

TLP1 : Green

InfoSec News 20250210

  • Publicado: Seg, 10/02/2025 - 14:41

Top News

  • Massive brute force attack uses 2.8 million IPs to target VPN devices

"A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall."

Link

TLP1 : Green

InfoSec News 20250207

  • Publicado: Sex, 07/02/2025 - 13:39

Top News

  • Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam

"Bitdefender Labs warns of an active campaign by the North Korea-linked Lazarus Group, targeting organizations by capturing credentials and delivering malware through fake LinkedIn job offers."

Link

TLP1 : Green

InfoSec News 20250206

  • Publicado: Qui, 06/02/2025 - 14:12

Top News

  • Hackers spoof Microsoft ADFS login pages to steal credentials

"A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections."

Link

TLP1 : Green

InfoSec News 20250205

  • Publicado: Qua, 05/02/2025 - 14:10

Top News

  • AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery

"In a significant finding, Forcepoint’s X-Labs research team has uncovered a new malware campaign that uses AsyncRAT, a notorious remote access trojan (RAT), along with Python scripting and TryCloudflare tunnels to deliver malicious payloads with enhanced stealth."

Link

TLP1 : Green

InfoSec News 20250204

  • Publicado: Ter, 04/02/2025 - 14:41

Top News

  • 1-Click Phishing Campaign Targets High-Profile X Accounts

"In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims."

Link

TLP1 : Green

InfoSec News 20250203

  • Publicado: Seg, 03/02/2025 - 14:25

Top News

  • Casio and 16 Other Websites Hit by Double-Entry Web Skimming Attack

"Researchers uncover a double-entry website skimming attack targeting Casio and 16 other sites. Learn how cybercriminals exploited vulnerabilities to steal sensitive payment data and evade detection."

Link

TLP1 : Green

InfoSec News 20250131

  • Publicado: Sex, 31/01/2025 - 14:51

Top News

  • Coyote Banking Trojan: A Stealthy Attack via LNK Files

"Over the past month, FortiGuard Labs has identified several similar LNK files containing PowerShell commands designed to execute malicious scripts and connect to remote servers."

Link

TLP1 : Green

InfoSec News 20250130

  • Publicado: Qui, 30/01/2025 - 14:40

Top News

  • Tax Season Cybersecurity Alert: Report Reveals Surge in Tax-Related Cyberattacks

"Cybercriminals are capitalizing on the 2025 tax season with a wave of sophisticated phishing and malware campaigns, according to a new report from Proofpoint."

Link

TLP1 : Green

Páginas