Hackers Using Fake Windows 11 Upgrade to Install Malware & Steals Information
Hackers Using Fake Windows 11 Upgrade to Install Malware & Steals Information
  • Alert & Advisory
  • April 20, 2022

It has been discovered that through clever manipulation of internet search results, hackers are tricking people into installing a fake malware-infected, information-stealing Windows 11 upgrade. The hackers created a near-exact replica of the Microsoft website but infected it with malicious software. When people search for "Windows 11 upgrade" or something similar, it's possible that one of the top results is the hackers' shady website.

New Browser-In-The Browser (BITB) Phishing Attacks
New Browser-In-The Browser (BITB) Phishing Attacks
  • Alert & Advisory
  • March 29, 2022

A coding ruse that is invisible to the naked eye can now be used to trick targets into disclosing sensitive information. The novel phishing technique is known as a browser-in-the-browser (BitB) attack. This type of attack employs bogus popup SSO windows to steal credentials from Google, Facebook, and Microsoft, among others.

Iranian Government-Sponsored APT Group Target Government and Commercial Networks
Iranian Government-Sponsored APT Group Target Government and Commercial Networks
  • Alert & Advisory
  • March 1, 2022

MuddyWater, an Iranian government-sponsored advanced persistent threat (APT) actor, has been observed conducting active cyber espionage and other malicious cyber operations against a variety of government and private-sector organizations in Africa and other continents, including telecommunications, defense, oil and natural gas, and relevant government agencies. This threat group is also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP. Zagros. The APT group was seen employing spearphishing, exploiting publicly known vulnerabilities, and leveraging multiple open-source tools to gain access to sensitive government and commercial networks.

New Zero-Day Chrome Web Browser Vulnerability
New Zero-Day Chrome Web Browser Vulnerability
  • Alert & Advisory
  • February 15, 2022

The Chrome web browser has eight security flaws that have been discovered and reported, including a high-severity flaw that is actively being exploited in real-world attacks. Google, on the other hand, has released fixes for the Chrome web browser's security flaws, marking the internet giant's first zero-day patch in 2022.

New Variant of BRATA Banking Trojan Infecting Android Devices
New Variant of BRATA Banking Trojan Infecting Android Devices
  • Alert & Advisory
  • January 28, 2022

New variants of the BRATA banking trojan have been discovered to be targeting global Android devices since November 2021 with advanced features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and novel obfuscation techniques. The remote access trojan (RAT), which targets banks and financial institutions, is now being distributed through a downloader to avoid being detected by antivirus (AV) solutions.

Related Articles