#MalwareDevelopment
osintelligence · 2 years ago
https://bit.ly/3MC9n77 - 🔒 Cybersecurity researchers have identified a series of cyberattacks by the Iranian-backed Advanced Persistent Threat (APT) group “Agonizing Serpens,” targeting the Israeli education and tech sectors. The group aims to steal sensitive data for various purposes, including financial gain, identity theft, espionage, and causing disruption. These attacks involve rendering endpoints unusable and sometimes publishing stolen information on social media platforms. #Cybersecurity #APTGroups #DataTheft
🕵️‍♂️ Agonizing Serpens, active since 2020, employs sophisticated methods such as wipers and fake ransomware. Known by other names like Agrius, BlackShadow, and Pink Sandstorm, the group initially gains access through web server exploitation and deploys web shells for reconnaissance and network mapping. Tools like Nbtscan, WinEggDrop, and NimScan are commonly used for this purpose. #DigitalEspionage #HackerTactics #NetworkSecurity
🔐 The group's attack strategies include trying to gain admin credentials using methods like Mimikatz, SMB password spraying, and dumping the SAM file. They also use tools like Plink, WinSCP, and a custom sqlextractor for lateral movement and data exfiltration, targeting personal information like ID numbers and passport scans. Despite their efforts, many of their methods were blocked by Cortex XDR, showcasing the evolving battle between cybersecurity defenses and hacker tactics. #CyberDefense #DataExfiltration #InfoSec
🖥️ Agonizing Serpens has shown increased sophistication by employing new techniques to bypass Endpoint Detection and Response (EDR) systems. They developed custom tools like agmt.exe, a loader for the GMER driver, to terminate specific target processes. After failing to exploit the GMER driver, they turned to drvIX, leveraging a vulnerable driver from a public Proof of Concept (PoC) tool. #MalwareDevelopment #EDRBypass #CyberAttackTrends
💥 Unit 42 researchers discovered new wipers and tools used by Agonizing Serpens, including MultiLayer wiper, PartialWasher wiper, and BFG Agonizer wiper, as well as Sqlextractor, a custom tool for extracting information from database servers. These discoveries indicate the group's continual development of new tools to enhance their data theft and disruption capabilities.
0 notes
hacknews · 5 years ago
Dozens Of Malicious Android Apps On Play Store Barraged Users With Ads #adfraud #adware #android #androidadwarecampaign #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androidappsevadegooglesecurity #androidappsevadeplayprotect #androiddevice #androiddevicesvulnerable #androidmalware #androidmalwaredropper #androidphone #androidsmartphone #appscontainingmalware #evadesecurity #google #googleplay #googleplayprotect #googleplaystore #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #playstore #securityevasion #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
1 note
osintelligence · 2 years ago
https://bit.ly/47f9rS9 - 🔒 Cybercriminals are exploiting macro-enabled Excel add-in (XLL) files, with .xlam files now ranking as the 7th most commonly abused extension in Q3 2023. A significant rise from the 42nd position in Q2, this trend signals an increased focus on XLL attacks, despite a previous decline in early 2023. #Cybersecurity #XLLThreat
🚀 XLL files, offering enhanced capabilities over alternatives like VBA macros, are being used more effectively by attackers due to features like multithreading support. Notably, malware developers such as Dridex and Formbook have previously adopted XLL files. The increased functionality of XLLs makes them a potent tool for cyberattacks. #MalwareDevelopment #TechSecurity
📊 After Microsoft’s default block on VBA macros, attackers shifted focus, experimenting with different file types for malware attacks. Microsoft Office documents, often perceived as safe, are increasingly being used as mediums for malware distribution. #MicrosoftSecurity #OfficeSafety
📁 Post VBA macro block, .LNK files, OneNote file experimentation, along with ISO and RAR attachments, surfaced as alternatives. The resurgence of XLL file use, despite Microsoft’s default block on XLL attachments from untrusted locations, is particularly noteworthy. #FileSecurity #CyberAttackTrends
🛡️ Attackers have successfully bypassed XLL blocks, as demonstrated in a remote access trojan (RAT) campaign using XLL attachments disguised as scanned invoices. The multithreading capability of add-ins was exploited to deploy payloads and increase the perceived legitimacy of the file. #RATAttack #CyberDefense
💼 The Parallax RAT, available for purchase, offers attackers remote control access, data exfiltration, and credential theft. Similar tactics were used in a campaign targeting LATAM hotels, installing XWorm RAT via PowerPoint add-in files. XWorm’s capabilities extend to keylogging and clipboard hijacking. #DataTheft #CybercrimeTactics
🌎 Separate XWorm attacks, targeting various industries in the US, Republic of Korea, and Germany, utilized malicious URLs embedded in .pdf, .docx, and .rtf formats. These evolving techniques highlight the need for continuous vigilance and adaptive security measures.
0 notes
hacknews · 5 years ago
Mandrake Malware Is Secretly Spying On Android Users For Several Years #android #androidapp #androidappmalware #androidapps #androidappscontainingmalware #androidappsevadegooglesecurity #androidappsevadeplayprotect #androiddevice #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #appscontainingmalware #fakeandroidapp #fakeapp #fakeapplication #googleplayprotect #hackandroidphone #maliciousandroidapps #maliciousapp #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malwaredownload #malwaredropper #malwaredroppergoogleplay #malwarevariant #mandrakeandroidmalware #mandrakemalware #playstoremaliciousapps #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
WolfRAT Malware Targets Messengers Apps On Android Devices #android #androidapp #androidappmalware #androidapps #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #appscontainingmalware #fakeandroidapp #fakeapp #fakeapplication #hackandroidphone #maliciousandroidapps #maliciousapp #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malwaredownload #malwaredropper #malwaredroppergoogleplay #malwarevariant #playstoremaliciousapps #wolfrat #wolfratmalware #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
PhantomLance Malware Campaign Has Taken Over Android Play Store #android #androidapp #androidappmalware #androidapplication #androidapps #androidappsbackdoor #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidmalware #androidphone #androidsmartphone #appscontainingmalware #backdoor #backdoorapk #backdoors #deviceaccesspermission #google #googleplaystore #hackandroidphone #maliciousandroidapps #maliciousapp #malware #malwareattack #malwarecampaign #malwaredeveloper #oceanlotusapt #phantomlancemalwarecampaign #playstore #playstoremaliciousapps #privacybypass #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
New EventBot Android Malware Is An InfoStealer, KeyLogger, Spyware, And More #android #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #androidsensorhack #androidsensorhacked #androidsensorhacking #androidsmartphone #antivirus #antivirussoftware #banking #bankingappmalware #bankingtrojan #bankingtrojans #eventbotandroidmalware #eventbotmalware #googleplayprotect #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malware-as-a-service #mobilebankingappmalware #rats #trojan #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
A Study of the top 150,000 Android Apps Reveals 12,706 to Contain a Variety of Backdoors #android #androidapp #androidappmalware #androidapplication #androidapps #androidappsbackdoor #androidappscontainingmalware #androidappsevadeapppermission #androiddevice #androiddevicesvulnerable #androidflaw #androidmalware #androidphone #androidsmartphone #androidvulnerability #apppermission #appscontainingmalware #backdoor #backdoorapk #backdoors #bloatware #bug #bypass #deviceaccesspermission #flaw #google #googleplaystore #hackandroidphone #maliciousandroidapps #maliciousapp #malware #malwareattack #malwarecampaign #malwaredeveloper #playstore #playstoremaliciousapps #privacybypass #samsung #samsungvulnerability #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
Cerberus Malware Improved To Pilfer Google Authenticator 2FA Codes #android #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #androidsensorhack #androidsensorhacked #androidsensorhacking #androidsmartphone #antivirus #antivirussoftware #banking #bankingappmalware #bankingtrojan #bankingtrojans #botnet #botnetattacks #botnetmalware #cerberus #cerberusandroidtrojan #cerberusmalware #cerberustrojan #googleplayprotect #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malware-as-a-service #mobilebankingappmalware #rats #trojan #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
Here’s How To Remove The ‘Unremovable’ xHelper Malware #adware #android #androidadwarecampaign #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidphone #androidsmartphone #appscontainingmalware #appsforhackingandroid #fakeandroidapp #fakeapp #fakeapplication #gamemalware #google #googleplay #googleplaystore #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malwaredropper #playstore #playstoremaliciousapps #spyware #trojans #xhelper #xhelperandroidmalware #xhelpermalware #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 5 years ago
Android Banking Trojan Faketoken Now Also Messages Premium Rate Phone Numbers #android #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidphone #androidsmartphone #antivirus #antivirussoftware #appsforhackingandroid #bankmalware #banking #bankingappmalware #bankingtrojan #bankingtrojans #botnet #botnetattacks #botnetmalware #browserbotnet #google #googleplay #googleplayprotect #googleplaystore #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malwaredropper #malwaredroppers #malwares #mobilebankingappmalware #onlinebanking #playstore #playstoremaliciousapps #trojan #trojans #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 6 years ago
CallerSpy Android Malware Masquerades Itself as a Chat App #android #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #androidsmartphone #googleplayprotect #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #rats #trojan #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 6 years ago
Ginp – The Latest Android Banking Trojan Found Active In The Wild #android #androiddevicesvulnerable #androidhack #androidmalware #androidmalwaredropper #androidrat #androidsensorhack #androidsensorhacked #androidsensorhacking #androidsmartphone #antivirus #antivirussoftware #banking #bankingappmalware #bankingtrojan #bankingtrojans #botnet #botnetattacks #botnetmalware #cerberus #cerberusandroidtrojan #cerberusmalware #cerberustrojan #googleplayprotect #hackandroidphone #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #malware-as-a-service #mobilebankingappmalware #rats #trojan #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 6 years ago
Fake Android Ad Blocker Barrages Users With Ads #ad-blocker #adware #adwarecampaign #android #androidadwarecampaign #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidmalware #androidmalwaredropper #androidphone #androidsmartphone #appscontainingmalware #fakeadblockers #fakeadsblockerandroidapp #fakeandroidapp #fakeapp #fakeapplication #google #hackandroidphone #maliciousads #maliciousadvertisement #maliciousandroidapps #maliciousapp #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 6 years ago
More Adware-Delivering Android Games And Camera Apps Removed From Google Play Store #adware #adwarecampaign #android #androidadwarecampaign #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androidappsevadegooglesecurity #androidappsevadeplayprotect #androidcameraapps #androiddevice #androiddevicesvulnerable #androidmalware #androidmalwaredropper #androidphone #androidphotoapps #androidphotofilterapps #androidrat #androidsmartphone #appscontainingmalware #beautycameraapplications #beautycameraapps #bundledadware #cameraapplications #cameraapps #evadesecurity #fakeandroidapp #fakeapp #fakeapplication #google #googleplay #googleplayprotect #googleplaystore #googleplaystoreapprejections #hackandroidphone #maliciousandroidcameraapps #maliciouscameraapps #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #playstore #playstoremaliciousapps #securityevasion #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes
hacknews · 6 years ago
This Malicious Android Keyboard App Scammed 40 Million Users #androidapp #androidappmalware #androidapplication #androidapps #androidappscontainingmalware #androiddevice #androiddevicesvulnerable #androidmalware #androidphone #androidrat #androidsmartphone #appscontainingmalware #bundledadware #evadesecurity #fakeandroidapp #fakeapp #fakeapplication #google #googleplay #googleplaystore #hackandroidphone #maliciousandroidapk #maliciousapp #maliciousservers #malware #malwareattack #malwarecampaign #malwaredeveloper #malwaredistributor #playstore #playstoremaliciousapps #hacking #hacker #cybersecurity #hack #ethicalhacking #hacknews
0 notes