Tag PowerShell

iClicker Website Compromised by ClickFix Attack Featuring Fake CAPTCHA

The iClicker website, a widely used student engagement platform, was recently compromised in a ClickFix attack that deceived users into installing malware via a fake “I’m not a robot” verification. Insights into the extent of the breach and protective measures are outlined below. iClicker, a crucial digital tool utilized for classroom engagement…

Kimsuky Targets Competitors’ Reliable Platforms in North Korea

Recent cyber activities linked to North Korean threat actors, particularly the Kimsuky group, demonstrate a notable evolution in their techniques. They are increasingly leveraging living-off-the-land (LotL) strategies, relying on common services to remain undetected. A recent operation, identified as “DEEP#DRIVE” by Securonix, exemplifies this trend, utilizing PowerShell scripts and Dropbox…

N. Korean Hackers Believed to Be Behind DEEP#DRIVE Cyber Attacks on S. Korea

A recent phishing attack known as DEEP#DRIVE has emerged as a significant threat to entities in South Korea, with thousands of victims reported. Cybersecurity experts suspect the Kimsuky group, a North Korean hacking collective, is behind this extensive cyber espionage campaign aimed primarily at South Korean businesses, government agencies, and…

PrivatBank, Ukraine’s Largest Bank, Attacked by SmokeLoader Malware

Financially Motivated Threat Actor Targets PrivatBank Customers with Sophisticated Phishing Scheme

A recent investigation by cybersecurity researchers at CloudSEK has uncovered a sophisticated phishing campaign orchestrated by the financially motivated group UAC-0006, aimed specifically at clients of PrivatBank, the largest state-owned bank in Ukraine. This alarming activity highlights the persistent…

Vulnerabilities in Azure Key Vault May Expose Sensitive Data Following Entra ID Breach

Security Breach Exposes Vulnerabilities in Azure Key Vault Access Policies

In a recent analysis, cybersecurity professionals uncovered significant vulnerabilities associated with Azure Key Vault’s access policies following the compromise of Entra ID (formerly Azure Active Directory) credentials. The detailed walkthrough illustrates how attackers can manipulate these access policies to retrieve…

Russia Utilized Acquired Spyware to Target Ukrainian Forces

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government

Secret Blizzard Utilizes Third-Party Amadey Bots to Compromise Ukrainian Military Devices

Jayant Chakravarti (@JayJay_Tech) • December 12, 2024

A state-sponsored hacking group from Russia, identified as Center 16…

Russia Pursues Unconventional Method to Compromise Starlink-Connected Devices in Ukraine

Microsoft has reported on a sophisticated cyber operation attributed to the group known as Secret Blizzard, which has utilized the Amadey malware to execute targeted attacks against specific entities. The nature of the attacks suggests that Secret Blizzard either employed Amadey as a malware-as-a-service or engaged with its command-and-control panels…
