Cybersecurity News - Page 81

LabHost allowed cybercriminals to create and deploy phishing websites designed to steal victims’ personal and financial data.

The group used phishing emails to infect targets with malware granting remote access to the devices.

The technique is designed to engage only with verified, legitimate email addresses.

The group has also moved from using HTA files to MSI packages as the primary method for deploying the malware.

Attackers create a symbolic link within the language files folder of devices with SSL-VPN enabled that connects the user filesystem to the root filesystem.

In brief: Microsoft fixes yet another Windows zero-day, Russian hackers continue to target military missions, and more.

The issue stems from a hardcoded machineKey in the web application’s configuration file.

The advisory focuses on two spyware families, dubbed ‘BadBazaar’ and ‘Moonshine’ masquerading as seemingly legitimate apps.

Researchers believe the hacker behind the breach is likely the same group responsible for the previous BlackBasta leak.

The hackers gained access to the OCC's email system after compromising an administrator’s account, allowing them to monitor email communications of high-ranking officials.