
News brief: LOTL attacks, spoofed sites, malicious repositories

By Admin
June 21, 2025


Bitdefender researchers found that an astounding 84% of major attacks, rated as those incidents with high severity by the vendor’s cybersecurity platform, use living-off-the-land techniques.

After analysis of more than 700,000 security events logged by the Bitdefender GravityZone platform over 90 days, researchers concluded that adversaries are “demonstrably successful in evading conventional defenses by expertly manipulating the very system utilities we trust and depend on every day — and threat actors operate with a confident assertion of undetectability.”

LOTL attacks aren’t new. While the term was coined in 2013, the technique dates back to 2001’s Code Red, a worm that ran entirely in memory, did not download or install any files, and reportedly cost billions in damages.

In a nutshell, LOTL attacks use legitimate software and functions that already exist in victim systems to carry out attacks. In the case of Code Red, the worm exploited Microsoft’s IIS web server software to conduct DoS attacks. Because they use known and trusted systems, these attacks are often able to hide in the background and evade users, making them difficult to prevent, detect and mitigate.

Once inside a victim’s systems, attackers can perform reconnaissance, deploy fileless or memory-only malware, and steal credentials, among other LOTL techniques, entirely unbeknownst to the victim.

This week’s roundup highlights a malware campaign that conducts LOTL attacks against Cloudflare Tunnel infrastructure and Python-based loaders. Plus, scammers use legitimate websites to trick victims seeking tech support, and malicious GitHub repositories masquerade as legitimate penetration testing suites.

Serpentine#Cloud uses shortcut files and Cloudflare infrastructure

Researchers at Securonix have identified a sophisticated malware campaign called Serpentine#Cloud that uses LNK shortcut files to deliver remote payloads. Attacks begin with phishing emails containing links to zipped attachments that execute remote code when opened, ultimately deploying a Python-based, in-memory shellcode loader that backdoors systems.

Threat actors use Cloudflare’s tunneling service to host the malicious payloads, taking advantage of its trusted certificates and use of HTTPS. While showing some sophistication reminiscent of nation-state actors, certain coding choices in these LOTL attacks have suggested that Serpentine#Cloud is likely not from any major nation-state groups.

Read the full story by Alexander Culafi on Dark Reading.

Scammers hijack search results with fake tech support numbers

Cybercriminals are creating deceptive tech support scams by purchasing sponsored Google ads that appear to represent major brands, including Apple, Microsoft and PayPal. Unlike traditional scams, these attacks direct users to legitimate company websites, but overlay fraudulent support phone numbers. When users call these numbers, scammers pose as official tech support to steal data and financial information or gain remote access to devices.

Malwarebytes researchers called this a “search parameter injection attack,” where malicious URLs embed fake phone numbers into genuine sites. Users should verify support numbers through official company communications before calling.
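
A defender-side check for the pattern described above, as an added example that is not from Malwarebytes or the original article: it flags URLs whose query parameters carry a phone-number-shaped string and rates them higher when support-lure wording appears alongside. The regexes, risk labels, function name and sample URLs are assumptions constructed for illustration.

```javascript
// Added example (not from the article): flag URLs whose query parameters
// carry a phone-number-shaped string, as in "search parameter injection".
// Patterns, names and sample URLs below are assumptions for illustration.

// 10-15 digits, each optionally followed by common phone separators.
const PHONE_RE = /(?:\+?\d[\s().-]*){10,15}/;
// Wording that typically accompanies a planted support number.
const LURE_RE = /\b(call|support|help ?desk|toll[- ]?free|customer (?:care|service))\b/i;

function inspectUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { host: null, risk: 'unparseable', findings: [] };
  }
  const findings = [];
  // URLSearchParams yields percent-decoded values ('+' becomes a space).
  for (const [param, value] of url.searchParams) {
    const text = value.normalize('NFKC'); // fold full-width digits to ASCII
    const m = text.match(PHONE_RE);
    if (!m) continue;
    findings.push({
      param,
      digits: m[0].replace(/\D/g, ''),
      lure: LURE_RE.test(text),
    });
  }
  let risk = 'none';
  if (findings.length > 0) risk = findings.some((f) => f.lure) ? 'high' : 'low';
  return { host: url.hostname, risk, findings };
}

// Constructed sample URLs (example.com hosts, fictional 555-01xx number).
const SAMPLES = [
  'https://support.example.com/search?q=Call%20Support%20%2B1%20(800)%20555-0100%20now',
  'https://shop.example.com/orders?id=20250621123456',
  'https://shop.example.com/search?q=usb+c+cable&page=2',
];

for (const s of SAMPLES) {
  const r = inspectUrl(s);
  console.log(r.risk.padEnd(5), r.host, JSON.stringify(r.findings));
}
```

A `low` result, as for the long order id in the second sample, is a bare digit run without lure wording and is meant for review, not blocking.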

Read the full story by Kristina Beek on Dark Reading.

Threat group weaponizes GitHub repositories to target security professionals

Trend Micro researchers identified a new threat group called Water Curse that weaponizes GitHub repositories disguised as legitimate security tools to deliver malware through malicious build scripts.

Active since March 2023, the group has used at least 76 GitHub accounts to target cybersecurity professionals, game developers and DevOps teams. The multistage malware can exfiltrate credentials, browser data and session tokens while establishing remote access and persistence. The attack typically begins when victims download compromised open source projects containing embedded malicious code. The code triggers during compilation, deploying VBScript and PowerShell payloads that perform system reconnaissance and data theft.

Read the full story by Elizabeth Montalbano on Dark Reading.

Editor’s note: Our staff used AI tools to assist in the creation of this news brief.

Sharon Shea is executive editor of Informa TechTarget’s SearchSecurity site.
