Nearly 100 GB of emails from White House Chief of Staff Susie Wiles, Trump advisor Roger Stone, Trump legal counsel Lindsey Halligan, and Trump enemy Stormy Daniels were claimed to have been exfiltrated by Iranian state-sponsored threat operation Robert.
GBHackers News reports that widely used short-form video editing app CapCut has been exploited in a two-stage phishing campaign aimed at exfiltrating Apple ID credentials and credit card details.
Schools and small businesses have had their email accounts breached to spread phishing emails delivering the Remcos RAT malware in attack campaigns since last year, Hackread reports.
Malicious actors have been creating signed remote access through ConnectWise ScreenConnect installer abuse as part of an Authenticode stuffing attack, reports BleepingComputer.
A red team exercise simulated attacks against organizations in the oil, gas, and energy sectors with the Golang-based RunnerBeacon backdoor as part of the new OneClik attack campaign, which has three variants, all of which involve the abuse of the Microsoft ClickOnce tool and various AWS cloud services, reports BleepingComputer.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.