Security News

Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
2024-10-22 14:00

Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the...

Evolving cybercriminal tactics targeting SMBs
2024-10-21 04:00

A recent Todyl report revealed a 558% increase in BEC (Business Email Compromise), AiTM (Adversary-in-the-Middle), and ATO (Account Takeover) attacks in 2024. In this Help Net Security video,...

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
2024-10-10 07:18

Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing...

Cybercriminals capitalize on poorly configured cloud environments
2024-10-04 03:30

Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive...

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
2024-09-16 04:23

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials....

Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords
2024-09-05 09:15

Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. [...]

Cybercriminals capitalize on travel industry’s peak season
2024-08-28 03:30

Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. Researchers investigated...

Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)
2024-08-23 19:35

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being...

Cybercriminals exploit file sharing services to advance phishing attacks
2024-08-20 03:00

A file-sharing phishing attack is a unique type of phishing threat in which a cybercriminal poses as a known colleague or familiar file-hosting or e-signature solution and sends a target a malicious email containing a link to what appears to be a shared file or document. File-sharing phishing attacks would be a pressing issue regardless of volume, as one single successful attack can have costly consequences.

Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
2024-08-19 12:37

Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. Attack chains propagating the malware make use of drive-by download techniques to push users searching for popular software toward bogus lookalike sites that host booby-trapped MSI installers.