Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent
Jour suivant

Hier - April 21, 2025

Google Spoofed Via DKIM Replay Attack

Learn how a convincing Google spoof used a DKIM replay attack to bypass email security and trick users with a fake subpoena. A real-world phishing example you need to see.

13:31
EasyDMARC, EN, 2025, attack, analysis, Google, Spoofed, DKIM, phishing, fake, subpoena
Phishers abuse Google OAuth to spoof Google in DKIM replay attack

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent page that collected logins.

13:27
bleepingcomputer, EN, 2025, DKIM, Google, Phishing, Scam, weakness, spoof, OAuth
Widespread Microsoft Entra lockouts tied to new security feature rollout

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's

11:23
bleepingcomputer, EN, 2025, Account-Lockout, Leaked-Credentials, MACE-Credential-Revocation, Microsoft, Microsoft-Entra, Windows
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation | Cleafy

This report details a newly identified and active fraud campaign, highlighting the emergence of sophisticated mobile malware leveraging innovative techniques:

  • SuperCard X Malware: A novel Android malware offered through a Malware-as-a-Service (MaaS) model, enabling NFC relay attacks for fraudulent cash-outs.
  • Evolving Threat Landscape: Demonstrates the continuous advancement of mobile malware in the financial sector, with NFC relay representing a significant new capability.
  • Combined Attack Vectors: Employs a multi-stage approach combining social engineering (via smishing and phone calls), malicious application installation, and NFC data interception for highly effective fraud.
  • Low Detection Rate: SuperCard X currently exhibits a low detection rate among antivirus solutions due to its focused functionality and minimalistic permission model.‍
  • Broad Target Scope: The fraud scheme targets customers of banking institutions and card issuers, aiming to compromise payment card data.
09:20
cleafy.com, EN, 2025, SuperCardX, Malware, NFC, report, campaign, mobile
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors

Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.

09:18
socket.dev, EN, 2025, Telegram, bot, libraries, SSH, backdoors, npm, Supply-Chain-Attack
Mitigating ELUSIVE COMET Zoom remote control attacks - The Trail of Bits Blog

When our CEO received an invitation to appear on “Bloomberg Crypto,” he immediately recognized the hallmarks of a sophisticated social engineering campaign. What appeared to be a legitimate media opportunity was, in fact, the latest operation by ELUSIVE COMET—a threat actor responsible for millions in cryptocurrency theft through carefully constructed social engineering attacks.

This post details our encounter with ELUSIVE COMET, explains their attack methodology targeting the Zoom remote control feature, and provides concrete defensive measures organizations can implement to protect themselves.

09:10
trailofbits, EN, 2025, ELUSIVE-COMET, CEO, invitation, zoom, threat-actor, social-engineering, crypto