Cybersecurity

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

26 sec read20 views0 listens

The latest Security Affairs Malware Newsletter rounds up significant cybersecurity threats, including a supply chain attack on OptinMonster, a China-nexus actor targeting medical research, and new Android and Windows malware. It also details advanced persistent threats like APT37, stealthy techniques using Microsoft Teams, and the disruption of the SocGholish operation. Emerging research explores AI for malware classification and resilience against zero-day attacks.

Read the full article at Security Affairs

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways

Threat actors are exploiting weak credentials to gain unauthorized access to Fortinet firewalls and VPN gateways through a campaign known as FortiBleed. This highlights a critical cybersecurity gap where credential reuse and poor password hygiene are...

Ali Nemati

Cybersecurity1 day ago29 sec read

FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation

A sophisticated Russian credential-harvesting campaign called FortiBleed has compromised over 430,000 FortiGate firewalls globally, extracting 110 million credentials through a five-phase operation still targeting 19,000 devices. The attack abuses le...

Ali Nemati

Cybersecurity6 days ago29 sec read

ClickFix Campaign Uses EtherHiding and GULoader to Infect Windows Users via Fake CAPTCHA

A sophisticated cyberattack campaign is targeting desktop Windows users by deploying fake CAPTCHA overlays on compromised WordPress sites to deliver GULoader malware. This threat leverages blockchain-based payload delivery and social engineering to b...

Ali Nemati

Cybersecurity6 days ago1m & 1 s read

Ghostwriter Hackers Abuse Gmail Admin-Themed Emails to Steal Credentials and 2FA Codes

Ghostwriter Hackers Abuse Gmail Admin-Themed Emails to Steal Credentials and 2FA Codes A sophisticated cyber threat group known as Ghostwriter has been leveraging phishing tactics that mimic official Google alerts to deceive users into divulging thei...

Ali Nemati

CybersecurityJun 1527 sec read

Google exposes China espionage group that's been lurking in networks undetected since 2023

Google's Threat Intelligence Group uncovered a new Chinese state-sponsored espionage group, UNC6508, which has been operating since September 2023 and targeting U.S. and Canadian organizations across various sectors to steal sensitive data. This disc...

Ali Nemati

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

Related Articles

Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways

FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation

ClickFix Campaign Uses EtherHiding and GULoader to Infect Windows Users via Fake CAPTCHA

Ghostwriter Hackers Abuse Gmail Admin-Themed Emails to Steal Credentials and 2FA Codes

Google exposes China espionage group that's been lurking in networks undetected since 2023