GentleKiller Framework Disables Victims' Security Software
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
Patch Now, as Scans and Hack Attempts Happening 'at Scale,' Security Experts WarnHacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. React is used by an estimated two-fifths of the world's top 10,000 websites.
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2
Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot
A newly discovered phishing campaign is using social engineering to dupe victims into copying, pasting, and running the Havoc command-and-control framework on their computers, warn researchers from Fortinet. "ClickFix," displays a fake error message and instructions for its supposed resolution.
A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices. [...]
Experts Say Consumers Gain Little as Implementation Challenges Loom for FrameworkAustralia's new scams framework bill sets the foundation for industry action but leaves consumers with limited protections. Experts warn that enforcement and reimbursement mechanisms are unclear, forcing victims to navigate a complex system with little guarantee of compensation.
Campaigns like Silver Fox and Void Arachne are deploying the framework, using social media and messaging platforms to lure in victims.
3 Countries Taking Different Approaches to Accountability and Victim CompensationGovernments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.
SMS Impersonation Scam Victims Must Be Made WholeSingapore regulators gave banks six months to institute real-time detection tools for blocking impersonation scams or else assume liability for stolen funds. A finalized framework published Thursday also shifts liability onto island-nation telecoms unless they block fraudulent SMS messages
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT
Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. [...]
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic
It assesses information hackers could get from a victim program protected by an obfuscation scheme
A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices
ScanBox installed after victims lured to fake Murdoch news sites with phishing emails Researchers at security company Proofpoint and PricewaterhouseCoopers (PWC) said on Tuesday they had identified a cyber espionage campaign that delivers the ScanBox exploitation framework through a malicious fake Australian news site.…
A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with reconnaissance malware so as to glean information about its victims and meet its strategic goals