Tag: 2024-08-01

The intelligence report discusses an ongoing malware campaign that targets software developers through social engineering tactics like fake job interviews. The threat actors behind this campaign have upgraded their tools, now supporting multiple operating systems (Windows, Linux, and macOS) and emp…

Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…

An examination of how threat actors hijack social media pages, rename them to resemble legitimate AI photo editors, and post malicious links to fake websites promoted through paid ads. The links trick users into installing endpoint management software, allowing the execution of credential stealers …

Recently, there has been a surge in malicious activity targeting a critical vulnerability (CVE-2024-32113) in the Apache OFBiz framework, a Java-based platform for developing Enterprise Resource Planning (ERP) applications. This vulnerability, a path traversal issue that can lead to remote code exe…

BI.ZONE experts have been monitoring the activities of a threat group called Bloody Wolf since late 2023. This group targets organizations in Kazakhstan using STRRAT, a commercial malware known as Strigoi Master. The attackers employ phishing emails posing as communications from government agencies…