Phishing - Cybersec Sentinel (Page 2)

Phishing

A collection of 22 posts

DarkGate Malware Exploits Microsoft Teams and AnyDesk for Remote Access

DarkGate Malware Exploits Microsoft Teams and AnyDesk for Remote Access

Threat Group: Unknown Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: CVE-2024-21412 Malware Used: DarkGate Threat Score: High (8.5/10) – Due to its advanced evasion techniques, multifunctionality, and recent exploitation of widely used platforms like Microsoft Teams. Last Threat Observation: December 17, 2024 Overview DarkGate is a highly sophisticated

Cybercriminals Leverage Fake CAPTCHAs for Malware Delivery

Cybercriminals Leverage Fake CAPTCHAs for Malware Delivery

Threat Group: Unknown Threat Type: Malvertising, Phishing Exploited Vulnerabilities: Social Engineering, Malvertising Networks Malware Used: Lumma Stealer Threat Score: High (8.5/10) – Due to its widespread reach, advanced obfuscation techniques, and ability to harvest sensitive data. Last Threat Observation: December 2024 (Multiple Security Sources) Overview Cybercriminals are increasingly exploiting

Golden Chickens more_eggs Exploits Social Engineering for Infections

Golden Chickens more_eggs Exploits Social Engineering for Infections

Threat Group: Golden Chickens (aka Venom Spider) Threat Type: Malware-as-a-Service (MaaS) Exploited Vulnerabilities: Social engineering via spear-phishing Malware Used: More_eggs backdoor, RevC2 backdoor, Venom Loader Threat Score: High (8.0/10) — Due to sophisticated delivery mechanisms, evasion techniques, and deployment of multi-functional payloads Last Threat Observation: December 7 Overview

SmokeLoader A Modular Malware Loader Returns in Targeted Campaigns

SmokeLoader A Modular Malware Loader Returns in Targeted Campaigns

Threat Group: SMOKY SPIDER Threat Type: Modular Malware Loader Exploited Vulnerabilities: CVE-2017-0199, CVE-2017-11882 Malware Used: SmokeLoader (also known as Dofoil, Sharik) Threat Score: High (8.5/10) — Due to its advanced evasion techniques, modular capabilities, and recent resurgence targeting critical sectors. Last Threat Observation: December 3, 2024 Overview SmokeLoader, a

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Rockstar 2FA Phishing Kit Empowers Hackers to Bypass MFA Defenses

Threat Group: Storm-1575 Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: Rockstar 2FA phishing kit Threat Score: High (8.5/10) — Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: November 30, 2024 Overview The

Iranian Hackers Deploy WezRat in Targeted Phishing Campaigns

Iranian Hackers Deploy WezRat in Targeted Phishing Campaigns

Threat Group: - Emennet Pasargad (Cotton Sandstorm) Threat Type: - Remote Access Trojan (RAT) / Infostealer Exploited Vulnerabilities: - Social engineering through phishing campaigns Malware Used: - WezRat Threat Score: - High (8.5/10) — Due to its modular design, advanced espionage capabilities, and targeted nature. Last Threat Observation: - November

HawkEye Malware Continues to Threaten Organizations with Advanced Evasion

HawkEye Malware Continues to Threaten Organizations with Advanced Evasion

Threat Group: Various Cybercriminal Actors Threat Type: Information-Stealing Malware Exploited Vulnerabilities: Primarily delivered via phishing emails and "free" software disguised as malware; also targets vulnerabilities in Microsoft Office to execute malicious code. Malware Used: HawkEye, also known as PredatorPain Threat Score: High (8.5/10) — Given its long

Iranian Hackers Use GitHub and Phishing to Evade Detection in SnailResin Attack

Iranian Hackers Use GitHub and Phishing to Evade Detection in SnailResin Attack

Threat Group: Smoke Sandstorm (also tracked as TA455) Threat Type: Trojan Loader Exploited Vulnerabilities: Phishing and social engineering tactics Malware Used: SnailResin (loader), SlugResin (backdoor) Threat Score: High (8.5/10) — Due to advanced delivery techniques, cross-industry targeting, and evasive C2 methods Last Threat Observation: November 14, 2024. Overview The

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Cybersec Sentinel November 9, 2024 Threat Group: Various Cybercriminal Entities Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Phishing emails, CVE-2017-0199, multi-layer obfuscation Malware Used: Remcos RAT Threat Score: Medium Last Threat Observation: November 9, 2024 Overview Remcos RAT, a commercial RAT initially marketed as a legitimate tool for remote

OpenAI Impersonation Scam Puts ChatGPT Users at Risk

OpenAI Impersonation Scam Puts ChatGPT Users at Risk

Threat Group: Unknown Cybercriminals Threat Type: Phishing Attack Exploited Vulnerabilities: Credential Harvesting Malware Used: None detected, phishing-only campaign Threat Score: High (7.5/10) — Due to scale and the use of advanced impersonation tactics. Last Threat Observation: November 2024 Threat Group: Unknown Cybercriminals Threat Type: Phishing Attack Exploited Vulnerabilities: Credential