Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.…
Latest cybersecurity reporting from selected sources.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Refine the feed
Search across headline titles and summaries.
Volume over time
Weekly headline count for the current query.
'LockBit of phishing' EvilProxy used in more than a million attacks every month
Leaves a trail of ransomware infections, data theft, business email compromise in its wake Insight The developers of EvilProxy – a phishing kit dubbed the "LockBit of phishing" – have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of tools offering criminals who lack actual technical expertise to get into the digital thievery biz.…
FlyingYeti phishing crew grounded after abominable Ukraine attacks
Kremlin-aligned gang used Cloudflare and GitHub resources, and they didn't like that one bit Cloudflare's threat intel team claims to have thwarted a month-long phishing and espionage attack targeting Ukraine which it has attributed to Russia-aligned gang FlyingYeti.…
Robin Banks crooks back at the table with fresh phish from Russia
Phishing-as-a-service group's toolset now includes ways to get around MFA Robin Banks, the phishing-as-a-service (PHaaS) platform that was kicked off Cloudflare for malicious activity, is back in action with a Russian service provider and new tools to make it easier to bypass security measures.…
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
This, this is what we mean by a sophisticated cyberattack Criminals behind the cyberattacks on Twilio and Cloudflare earlier this month had cast a much wider net in their phishing expedition, targeting as many as 135 organizations — primarily IT, software development and cloud services providers based in the US.…
Cloudflare: Someone tried to pull the Twilio phishing tactic on us too
Attack was foiled by content delivery network's hardware security keys Cloudflare says it was subject to a similar attack to one made on comms company Twilio last week, but in this case it was thwarted by hardware security keys that are required to access applications and services.…
Cloudflare buys anti-phishing business Area 1 for $162m
Bolstering email defences to keep cybercrooks at bay Krazy Glue of the internet Cloudflare has buffed up its email security with the purchase of anti-phishing firm Area 1.…