Hackers are trying to misuse the open-source EDRSilencer tool to interfere with endpoint detection and response (EDR) systems and hide their malicious activities.

Trend Micro has reported that these hackers are attempting to use EDRSilencer in their attacks to avoid being detected.

EDRSilencer, which is based on the NightHawk FireBlock tool from MDSec, is meant to block outgoing traffic from EDR processes using the Windows Filtering Platform (WFP).

It can stop various...

Google is launching a new pilot program in India to automatically block the sideloading of potentially harmful Android apps from third-party sources, following similar tests in Singapore, Thailand, and Brazil. The feature aims to protect users from apps that request sensitive permissions often exploited for financial fraud, such as accessing SMS messages or using accessibility services for malicious activities.

The initiative will start next month and will be gradually rolled out...

A large fraud scheme has been uncovered, involving fake trading apps on the Apple App Store and Google Play Store, along with phishing websites. This was reported by Group-IB.

This scam is part of a consumer investment fraud scheme known as "pig butchering." In this scheme, scammers trick people into investing in cryptocurrency or other financial products after gaining their trust, often pretending to be romantic partners or investment advisors.

These deceptive tactics usually...

Cybersecurity experts are warning about North Korean hackers trying to target potential victims on LinkedIn with malware called RustDoor.

According to Jamf Threat Labs, they discovered an attack where a user was approached on LinkedIn by someone pretending to be a recruiter for a legitimate decentralized cryptocurrency exchange called STON.fi.

This attack is part of a broader strategy by North Korean cybercriminals aiming to breach networks by pretending to conduct job...

Two men have been indicted in the U.S. for allegedly running WWH Club, a dark web marketplace specializing in sensitive personal and financial information. Alex Khodyrev, 35, from Kazakhstan, and Pavel Kublitskii, 37, from Russia, face charges of conspiracy to commit access device fraud and wire fraud.

From 2014 to 2024, Khodyrev and Kublitskii are accused of managing WWH Club and its associated sites, including wwh-club[.]ws, wwh-club[.]net, and skynetzone[.]org. These sites served...

North Korean hackers have used a fake Windows video conferencing app that pretends to be FreeConference.com to secretly access developers' systems. This is part of an ongoing campaign called Contagious Interview, which is financially motivated.

In August 2024, the Singaporean company Group-IB discovered this new attack. It shows that these hackers are also using installers for both Windows and Apple macOS to spread malware.

Contagious Interview, also known as DEV#POPPER, is a...

A new cyber threat has emerged, connected to the RansomHub ransomware, designed to shut down security software on infected computers. Named EDRKillShifter by the cybersecurity company Sophos, this tool joins other similar programs that disable security measures. 

Sophos discovered EDRKillShifter during a failed ransomware attack in May 2024. This tool acts as a delivery system for vulnerable drivers, which can be misused to bypass security protections. Security expert Andreas...

A new phishing campaign is exploiting Google Drawings and WhatsApp’s shortened links to deceive users and steal sensitive data. Cybersecurity researchers, including Menlo Security's Ashwin Vamshi, revealed that attackers are using these trusted platforms to craft fake Amazon account verification pages.

The scheme begins with a phishing email directing users to a Google Drawings graphic containing a link to a fake Amazon login page. This page, obscured by multiple URL shorteners,...

Facebook users are being targeted by a scam involving a network of fake websites designed to steal personal and financial information. Identified by Recorded Future’s Payment Fraud Intelligence team on April 17, 2024, this scam, named ERIAKOS, uses the content delivery network oss.eriakos[.]com. The fraudulent sites are only accessible through mobile devices and misleading ads, making them harder for automated systems to detect. The network includes 608 fake websites and operates in short,...

Singapore's retail banking sector has been given a three-month deadline to eliminate the use of one-time passwords (OTPs) for online account authentication, according to a joint announcement by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) on July 9, 2024. 

To combat the growing threat of phishing attacks, banks will transition to using digital tokens for customer logins. The MAS stated, "Customers who have activated their digital...