2025
03.05

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks

In Advisory ,Hacker

SVG-based attacks have sharply pivoted toward phishing campaigns, with a staggering 1800% increase in early 2025 compared to data collected since April 2024. A notable surge in campaigns was observed in Q1 of 2025, peaking in March. These are driven largely by the emergence of Attack-in-the-middle (AITM) Phishing-as-a-Service (PhaaS) platforms such as Tycoon2FA, which have significantly amplified the effectiveness and prevalence of these deceptive tactics.

Source ->

Comments Off on Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks
2025
02.05

Security-KPIs und -KRIs: So messen Sie Cybersicherheit

In Advisory ,Security

Eine wichtige Säule jedes ausgereiften Cyberrisk-Programms ist die Fähigkeit, die Performance der IT-Security und registrierte Bedrohungen zu messen, zu analysieren und zu melden. Die Cybersecurity zu messen, ist allerdings kein leichtes Unterfangen: Einerseits, weil sich viele Führungskräfte ohne entsprechenden Background schwer tun, IT-Risiken zu verstehen. Andererseits verstricken sich Sicherheitsprofis auch zu oft in technische Details, die die Stakeholder verwirren und auf den falschen Weg führen.

Source ->

Comments Off on Security-KPIs und -KRIs: So messen Sie Cybersicherheit
2025
01.05

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

In Hacker ,Internet ,KI/AI

AkiraBot uses LLM-generated content and rotating attacker-controlled domains to bypass spam filters. The spam framework evades CAPTCHA and network detection using proxies, unrelated to the Akira ransomware group.

Source ->

Comments Off on AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites
2025
30.04

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps

In Advisory ,Hacker ,Internet ,Virj

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote.

These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead.

Source ->

Comments Off on SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
2025
29.04

Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying

In Advisory ,Privacy ,Sec-Tools

At EFF we spend a lot of time thinking about Street Level Surveillance technologies—the technologies used by police and other authorities to spy on you while you are going about your everyday life—such as automated license plate readers, facial recognition, surveillance camera networks, and cell-site simulators (CSS). Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out CSS around the world.

Source ->

Comments Off on Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying