Cybersecurity & Data Protection
1
UPVOTE
thehackernews.com

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as lures, followed by a phone call from
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
TN

The Hacker News

11d ago
1 0

Discussion

Your thoughts matter!

Your input is valuable—be the first to share it!

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

g_richard

Golden Greta

Golden GretaUpvoted 11d ago1 comments · 28 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

darkreading.com
Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems

A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism respons…
DR

Dark Reading

2026-05-15 08:27
0
bleepingcomputer.com
TeamPCP hackers advertise Mistral AI code repos for sale

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [. .. ]
CA

Carlos

3h ago
0
bleepingcomputer.com
Hackers exploit auth bypass flaw in Burst Statistics WordPress …

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [. .. ]
Thanakorn Boon

Thanakorn Boon

8h ago
0
bleepingcomputer.com
Cisco warns of new critical SD-WAN flaw exploited in zero-day a…

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks t…
Marcus Allen

Marcus Allen

10h ago
0
thehackernews.com
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited…

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited at…
TN

The Hacker News

11h ago
0
schneier.com
Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI, ” hosted by the Financ…
SS

Schneier on Security

13h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited…

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited at…
TN

The Hacker News

11h ago
0
thehackernews.com
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phi…

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active sin…
TN

The Hacker News

15h ago
0
thehackernews.com
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cach…

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root…
Thanakorn Boon

Thanakorn Boon

21h ago
0
thehackernews.com
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Pat…

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale…
RM

ryan maybe

1d ago
0
thehackernews.com
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential …

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code e…
CA

Carlos

2d ago
0
thehackernews.com
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Ne…

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The n…
Thanakorn Boon

Thanakorn Boon

2d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest