North Korean group Kimsuky has launched a sophisticated phishing campaign using HWP documents and concealed AnyDesk backdoors to target victims by pretending to be in academic collaborations. The campaign demonstrates ongoing refinement in spear-phishing tactics and the exploitation of legitimate software for covert remote access. #Kimsuky #AnyDeskBackdoor…
Search Results for: AnyDesk
The CVE-2024-12754 vulnerability was patched in AnyDesk version v9.0.1. Users are strongly encouraged to update to the latest version to protect themselves from potential attacks….
Short Summary: Threat analysts are tracking a campaign that uses fake websites and social engineering to distribute a malicious version of AnyDesk remote access software
Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including critical vulnerabilities. Cybereason Threat Alerts summarize these threats and provide practical recommendations for
On February 2, 2024, AnyDesk, a popular remote desktop software provider, announced that it had fallen victim to a cyberattack that compromised its production systems. The breach, orchestrated by malicious actors, has far-reaching implications...
The post AnyDesk Breach 2024: Dark Web Sale of 18,317 Credentials appeared first on Penetration Testing.
AnyDesk, a widely used remote desktop software, recently announced a significant breach within its production environment. Despite the unsettling access gained by hackers, AnyDesk assured its user base that no authentication tokens were compromised,...
The post AnyDesk’s Cybersecurity Breach: Unveiling the Recent Attack appeared first on Penetration Testing.
Dubbed information stealer spotted stealing sensitive Data Phishing sites are becoming an increasingly attractive target for Threat Actors (TAs) to lure victims into stealing sensitive
MS-SQL servers are mainly the attack targets for Windows systems. Attackers scan vulnerable MS-SQL servers that are poorly managed and install malware upon gaining control.
North Korean-linked threat actors are targeting Web3 and cryptocurrency companies with Nim-based malware called NimDoor, employing advanced persistence and communication techniques. They also utilize social engineering and multi-stage attack chains on macOS and Windows platforms to steal data and maintain control. #NorthKorea #NimDoor…
Cybersecurity experts warn about sophisticated phishing campaigns using brand impersonation, QR codes, and callback techniques such as TOAD to deceive victims into sharing sensitive information or installing malware. These attacks leverage trusted brands like Microsoft, Docusign, and PayPal, and utilize methods like VoIP spoofing and AI-assisted phishing to expand their reach….
Since 2024, North Korean remote IT workers have been leveraging AI technologies like image manipulation and voice-changing software to enhance fraudulent employment operations worldwide. Microsoft tracks these activities under the codename Jasper Sleet and advises organizations to strengthen vetting and monitoring procedures to defend against this sophisticated insider threat. #JasperSleet #NorthKoreanITWorkers #Faceswap #AstrillVPN
Microsoft has enhanced Defender for Office 365 to automatically detect and prevent email bombing attacks, which flood inboxes with excessive emails to overwhelm security systems. This new feature helps organizations maintain visibility and protect against tactics used by threat actors like BlackBasta and FIN7. #EmailBombing #ThreatActors
![Threat Research | Weekly Recap [22 Jun 2025]](https://www.hendryadrian.com/tweet/image/cybersecuritynews.png "Threat Research | Weekly Recap [22 Jun 2025]")
This weekly cybersecurity recap highlights the expansion of Remote Access Trojans (RATs) and malware campaigns targeting various platforms and sectors, including IoT, government, and banking. It emphasizes increased phishing activities, nation-state cyber operations, and vulnerabilities exploited across enterprise and open-source ecosystems. #Androxgh0st #AsyncRAT #ChaosRAT #SpyMax #XWORM #KimJongRAT #PythonRAT