Tag PowerShell

Hackers Discover Innovative Methods to Conceal Malware within DNS Records

Cybersecurity researchers have uncovered a new tactic employed by hackers to conceal malware within domain name system (DNS) records, a method that poses significant challenges for traditional defense mechanisms. This technique exploits the mapping of domain names to their respective numerical IP addresses, allowing malicious scripts to operate stealthily. Recent…


GitHub Exploited to Distribute Amadey, Lumma, and Redline InfoStealers in Ukraine

A newly uncovered Malware-as-a-Service (MaaS) scheme is leveraging GitHub repositories to disseminate various infostealer families. This discovery was made by cybersecurity analysts at Cisco Talos, who released their findings today. The report details how the threat actors are utilizing the Amadey bot to directly source malware from public GitHub repositories…


iClicker Website Compromised by ClickFix Attack Featuring Fake CAPTCHA

The iClicker website, a widely used student engagement platform, was recently compromised in a ClickFix attack, deceiving users into installing malware via a fake “I’m not a robot” verification. Insights into the extent of the breach and protective measures are outlined below. iClicker, a crucial digital tool utilized for classroom engagement…


Kimsuky Targets Competitors’ Reliable Platforms in North Korea

Recent cyber activities linked to North Korean threat actors, particularly the Kimsuky group, demonstrate a notable evolution in their techniques. They are increasingly leveraging living-off-the-land (LotL) strategies, relying on common services to remain undetected. A recent operation, identified as “DEEP#DRIVE” by Securonix, exemplifies this trend, utilizing PowerShell scripts and Dropbox…


N. Korean Hackers Believed to Be Behind DEEP#DRIVE Cyber Attacks on S. Korea

A recent phishing attack known as DEEP#DRIVE has emerged as a significant threat to entities in South Korea, with thousands of victims reported. Cybersecurity experts suspect the Kimsuky group, a North Korean hacking collective, is behind this extensive cyber espionage campaign aimed primarily at South Korean businesses, government agencies, and…


PrivatBank, Ukraine’s Largest Bank, Attacked by SmokeLoader Malware

Financially Motivated Threat Actor Targets PrivatBank Customers with Sophisticated Phishing Scheme

A recent investigation by cybersecurity researchers at CloudSEK has uncovered a sophisticated phishing campaign orchestrated by the financially motivated group UAC-0006, aimed specifically at clients of PrivatBank, the largest state-owned bank in Ukraine. This alarming activity highlights the persistent…


Vulnerabilities in Azure Key Vault May Expose Sensitive Data Following Entra ID Breach

Security Breach Exposes Vulnerabilities in Azure Key Vault Access Policies

In a recent analysis, cybersecurity professionals uncovered significant vulnerabilities associated with Azure Key Vault’s access policies following the compromise of Entra ID (formerly Azure Active Directory) credentials. The detailed walkthrough illustrates how attackers can manipulate these access policies to retrieve…
