Tag phishing

Linux Malware Leveraging Malicious RAR Filenames Evades Antivirus Detection

In a recent report from cybersecurity researchers, a new attack strategy has been revealed, utilizing phishing emails to spread an open-source backdoor known as VShell. According to Trellix researcher Sagar Bade, this “Linux-specific malware infection chain begins with a spam email containing a harmful RAR archive file.” The unique aspect of this attack is that the malicious payload is embedded directly in the filename, rather than hidden within the file’s content or through macros. By employing shell command injection and Base64-encoded Bash payloads, attackers transform routine file listing commands into triggers for automatic malware execution. This technique exploits a common, yet dangerous pattern in shell scripts, where poorly sanitized file names allow seemingly innocuous commands like eval or echo to execute arbitrary code. Additionally, this approach provides further advantages…

Linux Malware Exploits Malicious RAR Filenames to Bypass Antivirus Detection August 22, 2025 Recent research has unveiled a sophisticated attack vector targeting Linux systems, whereby threat actors utilize phishing emails to distribute an open-source backdoor named VShell. According to cybersecurity expert Sagar Bade from Trellix, this method represents a distinct…

Read More

Linux Malware Leveraging Malicious RAR Filenames Evades Antivirus Detection

In a recent report from cybersecurity researchers, a new attack strategy has been revealed, utilizing phishing emails to spread an open-source backdoor known as VShell. According to Trellix researcher Sagar Bade, this “Linux-specific malware infection chain begins with a spam email containing a harmful RAR archive file.” The unique aspect of this attack is that the malicious payload is embedded directly in the filename, rather than hidden within the file’s content or through macros. By employing shell command injection and Base64-encoded Bash payloads, attackers transform routine file listing commands into triggers for automatic malware execution. This technique exploits a common, yet dangerous pattern in shell scripts, where poorly sanitized file names allow seemingly innocuous commands like eval or echo to execute arbitrary code. Additionally, this approach provides further advantages…

Be Cautious: Fraudulent Twitter Phishing Sites Emerging

Published: July 15, 2013

Warning: A new scam is circulating through Twitter direct messages (DMs) and deceptive emails, directing users to a phishing site at “twittler.com.” This scam utilizes compromised Twitter accounts to send seemingly legitimate messages. Security expert Janne Ahlberg highlights the danger, stating, “This is a particularly insidious tactic, especially when the sender is someone you know and trust. If you receive a suspicious DM or email from a familiar contact, alert them – their account has likely been hijacked by attackers.”

The fraudulent webpage mimics the Twitter login screen and attempts to capture your login credentials, using a domain name that closely resembles the official Twitter.com, with the addition of “LL.”

To stay safe, always verify your browser’s address bar to ensure you are on the legitimate Twitter site at twitter.com before entering your login information. If you input your Twitter username…

Warning: Phishing Attack Targeting Twitter Users July 15, 2013 A concerning phishing scam has emerged, targeting Twitter users through deceptive direct messages (DMs) and counterfeit emails that direct recipients to a fraudulent website, “twittler.com.” This scheme relies on compromised Twitter accounts to deliver messages that appear trustworthy, undermining the basic…

Read More

Be Cautious: Fraudulent Twitter Phishing Sites Emerging

Published: July 15, 2013

Warning: A new scam is circulating through Twitter direct messages (DMs) and deceptive emails, directing users to a phishing site at “twittler.com.” This scam utilizes compromised Twitter accounts to send seemingly legitimate messages. Security expert Janne Ahlberg highlights the danger, stating, “This is a particularly insidious tactic, especially when the sender is someone you know and trust. If you receive a suspicious DM or email from a familiar contact, alert them – their account has likely been hijacked by attackers.”

The fraudulent webpage mimics the Twitter login screen and attempts to capture your login credentials, using a domain name that closely resembles the official Twitter.com, with the addition of “LL.”

To stay safe, always verify your browser’s address bar to ensure you are on the legitimate Twitter site at twitter.com before entering your login information. If you input your Twitter username…

Booking.com Confirms Data Breach After Hackers Access Customer Information

Booking.com is reaching out to its customers following a confirmed data breach in which a third party accessed portions of its reservation data. The company characterizes this incident as a targeted attack impacting an undisclosed number of bookings. In communications to affected customers, the exposed information may consist of names,…

Read MoreBooking.com Confirms Data Breach After Hackers Access Customer Information

“Noisy Bear Campaign Disguised as Phishing Test Revealed Targeting Kazakhstan’s Energy Sector”

Sep 06, 2025 – Malware / Cyber Espionage

A suspected Russian threat actor is behind a series of attacks aimed at Kazakhstan’s energy sector, identified as Operation BarrelFire by Seqrite Labs, which tracks the group as Noisy Bear. Active since at least April 2025, the campaign specifically targets employees of KazMunaiGas (KMG). The attackers delivered a counterfeit document purporting to be from the KMG IT department, mimicking legitimate internal communications and addressing topics like policy updates, certification processes, and salary adjustments. According to security researcher Subhajeet Singha, the infection process starts with a phishing email containing a ZIP file that includes a Windows shortcut (LNK) downloader, a decoy document related to KazMunaiGas, and a README.txt file with instructions in both Russian and Kazakh to execute a program named “KazMunayGaz_Viewer.”

Noisy Bear Campaign: Phishing Test Unveiled in Kazakhstan’s Energy Sector On September 6, 2025, cybersecurity experts revealed that a series of attacks targeting Kazakhstan’s energy sector has been linked to a threat actor possibly originating from Russia. This campaign, dubbed Operation BarrelFire, is attributed to a new group identified by…

Read More

“Noisy Bear Campaign Disguised as Phishing Test Revealed Targeting Kazakhstan’s Energy Sector”

Sep 06, 2025 – Malware / Cyber Espionage

A suspected Russian threat actor is behind a series of attacks aimed at Kazakhstan’s energy sector, identified as Operation BarrelFire by Seqrite Labs, which tracks the group as Noisy Bear. Active since at least April 2025, the campaign specifically targets employees of KazMunaiGas (KMG). The attackers delivered a counterfeit document purporting to be from the KMG IT department, mimicking legitimate internal communications and addressing topics like policy updates, certification processes, and salary adjustments. According to security researcher Subhajeet Singha, the infection process starts with a phishing email containing a ZIP file that includes a Windows shortcut (LNK) downloader, a decoy document related to KazMunaiGas, and a README.txt file with instructions in both Russian and Kazakh to execute a program named “KazMunayGaz_Viewer.”

Caution: Avoid Clicking That Google Docs Link from Your Email!

Recent reports indicate that many individuals—including prominent journalists and cybersecurity professionals—are being targeted by a sophisticated OAuth phishing campaign masquerading as a legitimate Google Docs sharing notification. Upon receiving a seemingly innocuous email claiming that a contact has shared a document, users are advised not to click the link under…

Read MoreCaution: Avoid Clicking That Google Docs Link from Your Email!

⚡ Weekly Highlights: Fortinet Vulnerabilities, RedLine Clipjack, NTLM Cracking, Copilot Attack & More

Emerging Cyber Threats: A Week in Review In the swiftly evolving landscape of cybersecurity, the distinctions between routine updates and significant breaches are increasingly blurred. Systems that once appeared secure are now subject to relentless challenges posed by new artificial intelligence tools, interconnected devices, and intricate automated systems. These innovations…

Read More⚡ Weekly Highlights: Fortinet Vulnerabilities, RedLine Clipjack, NTLM Cracking, Copilot Attack & More

How Opening a Malicious PowerPoint File Can Compromise Your PC

In recent developments within the cybersecurity landscape, a noteworthy malware campaign has emerged, capitalizing on a previously reported vulnerability in Microsoft Office. This particular flaw, identified as CVE-2017-0199, relates to the Windows Object Linking and Embedding (OLE) interface. Although Microsoft issued a patch addressing this vulnerability earlier this year, threat…

Read MoreHow Opening a Malicious PowerPoint File Can Compromise Your PC

Foursquare Security Flaw Exposes Email Addresses of 45 Million Users

Foursquare Exposes 45 Million Users’ Email Addresses: A Major Security Flaw Uncovered Foursquare, a popular location-based social networking platform with a user base of approximately 45 million individuals, has recently faced a significant vulnerability that potentially exposed the primary email addresses of its users. This flaw was uncovered by penetration…

Read MoreFoursquare Security Flaw Exposes Email Addresses of 45 Million Users

Teen Hacker Who Breached Jail Network to Secure Friend’s Early Release Now Faces Jail Time

Technical Breach at Washtenaw County Jail: Hacker Faces Federal Charges In an alarming incident of cyber intrusion, a 27-year-old man from Ann Arbor, Michigan, has been charged for hacking into the Washtenaw County Jail’s computer system. Konrads Voits allegedly exploited various cyber techniques to manipulate inmate records, hoping to secure…

Read MoreTeen Hacker Who Breached Jail Network to Secure Friend’s Early Release Now Faces Jail Time