The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider

In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the Read More …

Police bust global cyber gang accused of industrial-scale fraud

Police have taken down a gang accused of using a technology service that helped criminals use fraudulent text messages to steal from victims. They have arrested 37 people worldwide and are contacting victims. Officers say younger people who grew up Read More …

Cisco Duo says a third-party data breach stole MFA SMS logs

Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Read More …

SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world

Researchers from the Positive Technologies Expert Security Center discovered more than three hundred attacks worldwide, which they confidently attributed to the well-known TA558 group. As originally described by researchers at ProofPoint, TA558 is a relatively small financially motivated cybercrime group Read More …

Russian businesses targeted by novel ransomware gang

Attacks with a Conti ransomware code-based backdoor have been deployed by the new Muliaka ransomware operation against businesses across Russia since at least December, according to The Record, a news site by cybersecurity firm Recorded Future. Windows systems and VMware Read More …

ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins

Last year, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers. ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files. It offers several options to Read More …

LazyStealer: Sophisticated does not mean better

In the first quarter of 2024, researchers from Positive Technologies Expert Security Center (PT ESC) detected a series of attacks targeting government organizations in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Armenia. The research team could not find any links Read More …

Cloud Werewolf spearphishes Russian and Belarus government employees with fake spa vouchers and federal decrees

The BI.ZONE Threat Intelligence team has revealed another campaign by Cloud Werewolf aiming at Russian and Belarusian government organizations. According to the researchers, the group ran at least five attacks in February and March. The adversaries continue to rely on Read More …

Phishing Attack Targets Apple Users With Password Resets

If you suddenly receive dozens of password-reset notifications on your iPhone, watch out: You’re probably facing a devious phishing attack targeting Apple users. The malicious tactic is intended to to trick iPhone users into handing over access to their Apple Read More …