cyber security news

Hackers Sending Poisoned Resumes to steal Credentials and Bank Details

More_eggs is malware specially designed to steal valuable credentials such as usernames and passwords for corporate bank accounts, email accounts, and IT admin accounts. In April 2021, threat actors conducted a spearphishing campaign using more_eggs malware that targeted job-hunting professionals on LinkedIn. They sent malicious .zip files that are named under the current […]

Hive Ransomware Affiliate Attacking Microsoft Exchange Servers vulnerable to ProxyShell Flaw

Cybersecurity experts at the security firm Varonis have recently discovered a Hive ransomware affiliate deploying a variety of backdoors, including the Cobalt Strike beacon, to compromise Microsoft Exchange servers that are vulnerable to the ProxyShell flaws. By deploying these backdoors, the threat actors perform the following tasks and activities: […]

A New Version of SolarMarker Malware Steals Passwords and Credit Card Data

Cybersecurity researchers at Palo Alto Networks have recently revealed the latest version of SolarMarker, which augments its capabilities. This new version of SolarMarker (aka Jupyter) is designed to strengthen its defensive and evasion capabilities so that it can evade detection. As part of its identity theft and backdoor capabilities, SolarMarker malware operates mainly through search engine optimization (SEO) […]

A New DDoS Botnet Attacks 100 DDoS Victims on a Daily Basis

A rapidly spreading DDoS botnet has recently been found on the internet by CNCERT in collaboration with the security firm 360netlab. Cybersecurity analysts have named this newly discovered malware “Fodcha.” It is estimated that over 100 victims are targeted every day in DDoS attacks by this newly discovered malware, which preys on the following things across […]

NGINX Web Server Project Addressed a zero-day Flaw in LDAP Implementation

A zero-day vulnerability in NGINX’s LDAP Reference Implementation has been fixed by the maintainers of the NGINX web server project, who released a security update in response to this vulnerability. The NGINX LDAP reference implementation uses the Lightweight Directory Access Protocol (LDAP) to authenticate users of applications that are proxied by the NGINX web server. […]

Member of FIN7 Hacking Group Sentenced to 5-Years in Prison

A Ukrainian national has been sentenced for his role in the FIN7 hacking group. Denys Iarmak, 32, was sentenced to five years in prison for working as a penetration tester for FIN7, as recently announced by the US Department of Justice (DoJ). FIN7, aka Carbanak, has been active since 2013, […]

Microsoft Disrupted APT28 Domains Used by Russian Spies to Target Ukraine

In an attempt to eliminate the infrastructure used to launch attacks against Ukrainian targets, Microsoft has taken down seven domain names used by the Russian hacking group APT28, disrupting the attacks. All these domains were used by Strontium (aka Fancy Bear and APT28) to target multiple Ukrainian institutions, including media outlets, and this […]

Hackers Use Fake e-shop Apps to Steal Users’ Banking Credentials

A campaign that began late last year targeting eight different Malaysian banks is still targeting their customers with three malicious Android applications. Under the guise of seemingly harmless shopping apps, the threat actors in this campaign have misled users into installing malicious applications. As a way to get people to download the applications, some of […]

BlackGuard – New Password Stealing Malware Sold In Russian Hacking Forum

Malware-as-a-service is becoming one of the greatest contributors to cyberattacks, since it makes entry much easier for cybercriminals. This is because many hacking forums sell malware, trojans, and viruses that are then leveraged by large numbers of attackers. In recent reports by Zscaler researchers, a new type of sophisticated credential-stealing malware was found […]

Hackers Use XLL Files to Deliver Obfuscated Version of JSSLoader

Morphisec Labs has recently witnessed a new wave of JSSLoader infections this year. JSSLoader activity has been tracked by Morphisec Labs since December 2020, and a comprehensive report has been released on the JSSLoader used by the Russian hacker group FIN7 (aka Carbanak). In addition to exfiltrating data, establishing […]

Hundreds of HP Printer Models Affected by Critical Remote Code Execution

A number of HP printer models, including LaserJet Pro, PageWide Pro, OfficeJet, Enterprise, Large Format, and DeskJet, have recently been updated to address three security issues rated as critical. The first is a buffer overflow security flaw that could allow remote code execution on an affected device. Trend Micro’s Zero Day Initiative team reported this […]

BitRAT Disguised as Windows 10 License Verification Tool to Compromise PC

BitRAT is one of the best Remote Access Trojans (RATs) available for sale on hacking forums since 2020. Attackers rely on this RAT mostly because of its salient features, such as running process tasks, file tasks, and remote commands, along with info-stealing features, HVNC, Remote Desktop, coin mining, and proxies. It is natively coded in […]

Facestealer Infects 100,000+ Users Distributed Through Google Play

“Craftsart Cartoon Photo Tools,” one of the most popular mobile apps on the official Google Play store, has registered more than 100,000 downloads. However, the app is actually infected with the Facestealer Android malware. The app, which pretends to be a legitimate photo editor, was deemed somewhat safe by Pradeo’s security experts. Through a variety of […]

Anonymous Group Hacked Russian Oil Pipeline Giant and Released 79 GB of Stolen Data

Cyberattacks on Russia have been on the rise since its invasion of Ukraine. On February 25th, the Anonymous group posted on Twitter, “The Anonymous Collective is officially in cyberwar against the Russian government”. Anonymous has been infiltrating several Russian organizations ever since. Most of the businesses were Russian-state backed. […]

Russia Based Cyclops Blink Malware Targeting ASUS Routers Models

ASUS has recently published a security advisory containing mitigation measures for the Russian-linked Cyclops Blink threat, which has affected several of its router models. Several researchers suspect that Cyclops Blink, a modular botnet, was created by Sandworm/Voodoo Bear, a Russian APT group. In order to accumulate information about high-value targets for further attacks, the botnet’s […]

CISA Has Added 15 New Flaws to the List of Actively Exploited Vulnerabilities

CISA is known for publishing various reports and remediations for cyberattacks. It maintains a catalog of known exploited vulnerabilities that are frequently exploited by attackers, and it has now added 15 new exploited vulnerabilities to that list. The recent additions consist almost entirely of recent Windows privilege escalation vulnerabilities. […]