abuses

Blog
digitpatrox4 weeks ago
53

DragonForce ransomware abuses SimpleHelp in MSP supply chain attack

The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers’ systems. Sophos was brought in to investigate the attack and believe the threat actors exploited a chain of older SimpleHelp vulnerabilities tracked as CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 to breach the system. SimpleHelp is…
Read More »
Blog
digitpatroxFebruary 17, 2025
112

New FinalDraft malware abuses Outlook mail service for stealthy comms

A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. The attacks were discovered by Elastic Security Labs and rely on a complete toolset that includes a custom malware loader named PathLoader, the FinalDraft backdoor, and multiple post-exploitation utilities. The abuse of Outlook, in this case, aims to…
Read More »
Blog
digitpatroxDecember 19, 2024
151

Ongoing phishing attack abuses Google Calendar to bypass spam filters

An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. According to Check Point, which has been monitoring the phishing attack, the threat actors have targeted 300 brands with over 4,000 emails sent in four weeks. Check Point told BleepingComputer that the attacks targeted a broad range of companies, including educational institutions,…
Read More »
Blog
digitpatroxAugust 31, 2024
241

New Voldemort malware abuses Google Sheets to store stolen data

A new malware campaign is spreading a previously undocumented backdoor named “Voldemort” to organizations worldwide, impersonating tax agencies from the U.S., Europe, and Asia. As per a Proofpoint report, the campaign started on August 5, 2024, and has disseminated over 20,000 emails to over 70 targeted organizations, reaching 6,000 in a single day at the peak of its activity. Over…
Read More »

abuses

DragonForce ransomware abuses SimpleHelp in MSP supply chain attack

New FinalDraft malware abuses Outlook mail service for stealthy comms

Ongoing phishing attack abuses Google Calendar to bypass spam filters

New Voldemort malware abuses Google Sheets to store stolen data

‘The Life of Chuck’ star discusses screening film with director Mike Flanagan, his favorite performances from the Stephen King adaptation and more

Applebee’s and IHOP have plans for AI

DuckDuckGo’s ‘Scam Blocker’ Just Got a Big Upgrade

The JBL Tune 770NC Headphones Are Less Than $80 for Black Friday

Build 27881 for Windows 11 finally brings new features to Canary Channel

Here’s When iOS 18.1 with Apple Intelligence Will Be Released

Microsoft unveils new security defaults for Windows 365 Cloud PCs

The music industry is building the tech to hunt down AI songs

Three Places I Hid My Merach Mini Stepper in My Small Apartment (and Three That Failed)

Texas Board of Physical Therapy Examiners breached, SSNs and other info compromised

TikTok Is Pushing Old and False News as ”Breaking” Alerts

Today’s AI models have a poor grasp of world history – Computerworld