Quishing attacks, a form of phishing that leverages QR codes, have significantly increased, climbing from a mere 0.8% in 2021 to 10.8% in 2024. The figures come from the latest Egress report, which also suggests a notable decrease in attachment-based payloads, which halved from 72.7% to 35.7% over the same period. According to the new […]
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.
Key Points Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published. […]
FortiGuard Labs researchers recently encountered a new Lumma Stealer campaign that leverages YouTube channels for propagation. The attackers are strategically compromising YouTube accounts and uploading videos that pretend to offer cracked software for legitimate video editing tools such as Vegas Pro. Modus operandi According to researchers, these videos contain embedded malicious URLs, enticing users to […]
The campaign leverages multiple vulnerabilities, including command injection, remote code execution, and arbitrary command execution, to gain control of targeted devices and incorporate them into the botnet.