Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts
A spear-phishing campaign dubbed "Ducktail" has been discovered targeting marketing and HR professionals through LinkedIn, with the aim of taking over Facebook Business accounts and abusing the Ads function to run...
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs
A dangerous malware variant called "Amadey Bot" that has been largely dormant for the past two years has surfaced again with new features that make it stealthier, more persistent,...
Rare ‘CosmicStrand’ UEFI Rootkit Swings into Cybercrime Orbit
A Windows firmware rootkit known as "CosmicStrand" has appeared in the cyberthreat firmament, targeting the Unified Extensible Firmware Interface (UEFI) to achieve stealth and persistence.
UEFI firmware is tasked with...
Qakbot Is Back With a New Trick: DLL Sideloading
Known for its constant evolution, Qakbot malware has returned with a new twist — the use of .DLL sideloading to execute the malicious file.
Researchers from Cyble recently warned that...
ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused
Welcome to Dark Reading's weekly digest of the can't-miss stories of the week, featuring the lowdown on the Neopets breach and what it means for consumer-facing companies of all...
Phishing Bonanza: Social-Engineering Savvy Skyrockets as Malicious Actors Cash In
This week, it came to light that gaming platform Roblox was breached via a phishing/social-engineering attack that led to the theft of internal documents and the leaking of them online...
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments
The latest confirmations of the growing attacker interest in VMware ESXi environments are two ransomware variants that surfaced in recent weeks and have begun hitting targets worldwide.
One of the...
Google Chrome Zero-Day Weaponized to Spy on Journalists
A zero-day vulnerability in Google Chrome was used by the established spyware group Candiru to compromise users in the Middle East — specifically journalists in Lebanon.
Avast researchers said attackers...
Critical Bugs Threaten to Crack Atlassian Confluence Workspaces Wide Open
Atlassian on Thursday urged organizations using its Questions for Confluence app to immediately update to the latest version of the software or to apply a mitigation measure to protect...
Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene
A previously unknown macOS spyware has surfaced in a highly targeted campaign, which exfiltrates documents, keystrokes, screen captures, and more from Apple machines. Interestingly, it exclusively uses public cloud-storage...