Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine … Read more
A malware sample extracted from a fuel management system was allegedly compromised by a group linked to the Iranian CyberAv3ngers, the same group believed behind the attacks on Unitronics devices last fall that targeted water systems in the U.S. and Israel. The Claroty Team82 researchers said in a Dec. 10 post that the malware — … Read more
Dec 14, 2024Ravie LakshmananBotnet / Ad Fraud Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and … Read more
Nov 23, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the … Read more
Malicious packages on the Python Package Index (PyPI), claiming to provide API access to OpenAI’s ChatGPT and Anthropic’s Claude AI models, were discovered by Kaspersky researchers to contain the JarkaStealer infostealer malware, the cybersecurity company said in a blog post Thursday. The packages, named “gptplus” and “claudeai-eng,” were both uploaded by a user called … Read more
