Arab Security Consultants

Tag: Cybersecurity Threats

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

Wednesday, 09 April 2025 by Ayman Hamam

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted” individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming cybercriminal, who, about

  • Published in News
Tagged under: ASC, Cyber threat intelligence, Cybercrime, Cybersecurity Threats, EncryptHub, Fickle Stealer, lone wolf hacker, malware development, Microsoft Patch Tuesday, OpenAI misuse, Windows vulnerabilities

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

Tuesday, 21 January 2025 by Ayman Hamam

Cybersecurity researchers have detailed an attack in which a threat actor used a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloader named SocGholish (aka FakeUpdates), which

  • Published in News
Tagged under: Arab Security Consultants, ASC, AWS S3 ransomware, Black Basta techniques, C2 tunnel, Codefinger threat actor, Cybersecurity Threats, EDRSilencer, endpoint detection bypass, Lateral Movement, network compromise, phishing campaigns, Python-based backdoor, ransomware attacks, ransomware deployment, SocGholish malware

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Monday, 06 January 2025 by Ayman Hamam

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source code publicly leaked

  • Published in News
Tagged under: advanced malware analysis, ASC, BYOVD attacks, cyber defense strategies, Cybersecurity Threats, DLL hijacking, Gh0st RAT, keylogging, malware infection methods, Phishing Attacks, PLAYFULGHOST malware, remote access trojans, SEO poisoning, Windows malware

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

Sunday, 19 May 2024 by Ayman Hamam

The crypto-jacking group known as Kinsing has demonstrated an ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities into the exploit arsenal and expanding its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining campaigns since 2019.

  • Published in News
Tagged under: Arab Security Consultants, ASC, botnet expansion, cloud security, cryptocurrency mining malware, Cybersecurity Threats, Kinsing crypto-jacking, Linux, malware prevention, vulnerability exploitation, Windows attacks

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

Sunday, 12 May 2024 by Ayman Hamam

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall Street Journal, Workable, and

  • Published in News
Tagged under: ArabSecurityConsultants, ASC, Brand Impersonation, Cybercrime Tactics, Cybersecurity News, Cybersecurity Threats, FIN7, Malicious Google Ads, Malware Distribution, NetSupport RAT, Phishing Techniques

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

Monday, 22 April 2024 by Ayman Hamam

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads

  • Published in News
Tagged under: Android banking trojan, Cybersecurity Threats, malware distribution techniques, mobile banking fraud, mobile device security, remote device control, SMS Phishing, Vultur malware

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

Sunday, 04 February 2024 by Ayman Hamam

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are part

  • Published in News
Tagged under: Albania's Institute of Statistics (INSTAT), CISA (Cybersecurity and Infrastructure Security Agency), Critical Infrastructure, critical services, cyber attacks, cyber operations, cyberSecurity, Cybersecurity Threats, data theft, Homeland Justice, humanitarian consequences, industrial control systems, Iranian hacktivist persona, Iranian intelligence agency, Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), Iranian threat actors, Municipal Water Authority of Aliquippa, Office of Foreign Assets Control (OFAC), programmable logic controllers (PLCs), psychological operation group, sanctions, U.S. Treasury Department, unauthorized access, Unitronics, wiper malware

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

Monday, 29 January 2024 by Ayman Hamam

Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021. “Lures use Mexican

  • Published in News
Tagged under: AllaKore RAT, ATM security, Banking fraud, BlackBerry Research and Intelligence Team, Command-and-control (C2) server, Crypto trading platforms, CVE-2024-0175, CVE-2024-0176, CVE-2024-0177, Cybersecurity Threats, Delphi-based RAT, Financial institutions, Financially motivated threat actor, Geolocation confirmation, IOActive, Lamassu Douro bitcoin ATMs, Malware, Mexican Social Security Institute (IMSS), Phishing attack, Physical access, Spear-phishing campaign, Swiss company, Vulnerabilities

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

Sunday, 17 December 2023 by Ayman Hamam

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it’s tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM)

  • Published in News
Tagged under: Credential Hygiene, Cybersecurity Threats, Email Security, Gift Card Fraud, Microsoft 365 Defender, Multi-Factor Authentication, Phishing Attacks, Retail Security, SMS Phishing, Storm-0539

Arab Security Consultants | Copyright © 2023 All rights reserved.