Description: A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain.
Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of the year.
"Typically delivered through phishing emails containing malicious attachments or links,
February 19th, 2025 (5 months ago)
Description: Written by: Dan Black
Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war.
Signal's popularity among common targets of surveillance and espionage activity—such as military personnel, politicians, journalists, activists, and other at-risk communities—has positioned the secure messaging application as a high-value target for adversaries seeking to intercept sensitive information that could fulfil a range of different intelligence requirements. More broadly, this threat also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques. In anticipation of a wider adoption of similar tradecraft by other threat actors, we are issuing a public warning regarding the tactics and methods used to date to help build public awareness and help communities better safeguard themselves from similar threats.
We are g...
February 19th, 2025 (5 months ago)
Description: Russian threat actors have been launching phishing campaigns that exploit the legitimate "Linked Devices" feature in the Signal messaging app to gain unauthorized access to accounts of interest. [...]
February 19th, 2025 (5 months ago)
Description: Google’s Threat Intelligence Group (GTIG) has uncovered a series of cyber-espionage campaigns by Russian state-aligned hackers targeting Signal Messenger accounts. These operations, attributed to groups such as APT44 (Sandworm), UNC5792, UNC4221, and Turla, aim to compromise secure communications used by military personnel, politicians, and activists. By abusing Signal’s “linked devices” feature, these actors gain persistent …
The post Russian Hackers Exploit Signal’s Linked Devices to Spy on Users appeared first on CyberInsider.
February 19th, 2025 (5 months ago)
Description: Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts.
The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month.
Targets of the campaign include individuals and
February 19th, 2025 (5 months ago)
Description: Venture capital and private equity firm Insight Partners has confirmed a cyberattack that exposed its internal systems to an unauthorized third party. The attack, which occurred on January 16, 2025, was executed through a sophisticated social engineering scheme. While the firm is still investigating the full impact, concerns remain over the potential exposure of sensitive …
The post Insight Partners Investigates Data Breach Following Cyberattack appeared first on CyberInsider.
February 19th, 2025 (5 months ago)
Description: Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities.
February 19th, 2025 (5 months ago)
Description: RevoWorks SCVX and RevoWorks Browser provided by J’s Communication Co., Ltd. contain an incorrect resource transfer between spheres vulnerability.
February 19th, 2025 (5 months ago)
Description: The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.
February 19th, 2025 (5 months ago)