Articles

Phishing email campaign targets Taiwan  Talos observed an unknown threat actor conducting a malicious phishing campaign targeting victims in Taiwan since at least July 2024. The campaign specifically targets victims whose Facebook accounts are used for business or advertising purposes.  The initial vector of the campaign is a phishing email

Free Infostealer Intelligence Tools by Hudson Rock – www.hudsonrock.com/free-tools On November 4th, Schneider Electric acknowledged a data breach in which hackers stole 40GB of data from the company’s Jira server. “Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which

*Not fully confirmed yet According to the website which was discovered through Redline related Telegram channels, law enforcement was able to hack the infrastructure of Redline and Meta Infostealers and obtain critical data With the message being that more information is to come In addition, law enforcement attached the following

Key findings  Overview  The GoDaddy Security team is tracking a new variant of ClickFix (also known as ClearFake) fake browser update malware that is distributed via bogus WordPress plugins. These seemingly legitimate plugins are designed to appear harmless to website administrators but contain embedded malicious scripts that deliver fake browser update prompts to

Disclaimer: Hudson Rock does not insinuate or imply responsibility or liability on behalf of any parties mentioned herein. The content is intended solely for informational purposes and reflects our findings at the time of publication. Hudson Rock disclaims any responsibility for how this information may be interpreted or used by

This blog post provides a chronological overview of the observed ClickFix campaigns. We further share technical details about a ClickFix cluster that uses fake Google Meet video conference pages to distribute infostealers. Context In May 2024, a new social engineering tactic called ClickFix emerged, featuring a ClearFake cluster that the

Interview with Malware Protection expert Leonid Rozenberg with Hudson Rock (www.hudsonrock.com) on exposing information stealers, protecting identities online, hackers who sell vulnerabilities, and how to know if your identity is stolen. Check out Hudson Rock’s free tools available here – https://www.hudsonrock.com/threat-intelligence-cybercrime-tools

Key findings Executive summary Silent Push Threat Analysts have observed the FIN7 group (aka Sangria Tempest) using new tactics in their malware and phishing attacks. We found that FIN7 has created at least seven websites serving malware to visitors looking to use an “AI Deepnude generator.” The threat group is

In case you missed it, hackers have been utilizing a new technique to infect victims with Infostealers, it is done by setting a fake Captcha page that prompts the victim to paste a powershell command into their Windows Run which causes a Lumma Infostealer infection. But does it actually work?

What happened  Proofpoint researchers are tracking a cluster of activity targeting transportation and logistics companies in North America to deliver a variety of different malware payloads.   Notably, this activity leverages compromised legitimate email accounts that belong to transportation and shipping companies. At this time, it is unclear how the actor

Sextortion schemes are about to take a much darker turn. With the rise of Infostealer malware, the game is changing. Hackers will no longer rely on fake threats or generic scare tactics like Google Street View images. Instead, they now have access to real victim data pulled straight from infected

German authorities recently took down 47 cryptocurrency exchanges used by ransomware groups, money launderers, and botnet operators. Although the domains have been seized, no arrests have been made so far. The real impact, however, might come from what was left behind. By examining the data from these domains through Hudson

In Part 1 of our series on Lumma Stealer, we explored the initial attack vector through a fake CAPTCHA page. We observed how the malware deceives users into downloading and executing malicious payloads. In this second series, we delve deeper into the technical details of the Lumma Stealer’s loader, focusing on its

In the past weeks I interviewed some of the Mac OS malware operators that are most known in the wild. Mac OS infostealers are still a trend and a to-be-known thing that I started investigating thanks to the honest words of the people around these products, this couldn’t be possible

Recently, Rasta Mouse, a well-known cybersecurity researcher and founder of Zero-Point Security Ltd, became the target of an alarming attack that resulted in a staggering loss of £10,000. This incident, which took place while he was selling cybersecurity courses through his company’s website, highlights a new dimension of financial DDoS