Search cyberveille.decio.ch

Found 3 bookmarks

Custom sorting

File hosting services misused for identity phishing

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

#microsoft #EN #2024 #File #hosting #SharePoint #OneDrive #Dropbox #social-engineering #identity #phishing #research

·microsoft.com·Oct 9, 2024

File hosting services misused for identity phishing

Hackers target WordPress calendar plugin used by 150,000 sites

Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute code remotely. #Actively #Calendar #Computer #Events #Exploited #File #InfoSec #Modern #Plugin #Security #Upload #Vulnerability #WordPress

#Plugin #Calendar #Events #Vulnerability #File #InfoSec #Actively #WordPress #Security #Upload #Exploited #Modern #Computer

·bleepingcomputer.com·Jul 9, 2024

Hackers target WordPress calendar plugin used by 150,000 sites

Malicious Batch File (*.bat) Disguised as a Document Viewer Being Distributed (Kimsuky)

AhnLab Security Emergency response Center (ASEC) has confirmed the distribution of malware in the form of a batch file (*.bat). This malware is designed to download various scripts based on the anti-malware process, including AhnLab products, installed in the user’s environment. Based on the function names used by the malware and the downloaded URL parameters, it is suspected to have been distributed by the Kimsuky group.

#asec.ahnlab #malware #analysis #batch #file #.bat #Kimsuky #Document #Viewer

·asec.ahnlab.com·Jul 31, 2023

Malicious Batch File (*.bat) Disguised as a Document Viewer Being Distributed (Kimsuky)