-
Apr 1, 2023
Researchers at cybersecurity firm Cyble have conducted a comprehensive analysis of the supply chain attack targeting customers of 3CX, a VoIP IPBX software development company. The attack has been attributed to North Korean Threat Actors and involves a Trojanized version… read more »
-
Apr 1, 2023
Orca Security researchers discovered a new vulnerability called Super FabriXss (CVE-2023-23383 – CVSS score: 8.2) in Azure Service Fabric Explorer that allows unauthenticated remote code execution. Azure Service Fabric Explorer is a web-based management tool that allows users to visualize… read more »
-
Mar 29, 2023
Google’s Threat Analysis Group (TAG) has released a report stating that commercial spyware vendors have been exploiting zero-day vulnerabilities that were addressed last year in order to target Android and iOS devices. These campaigns were highly targeted and limited, taking… read more »
-
Mar 29, 2023
Since September 2022, trojanised installers for the TOR browser have been used to distribute Clipper malware, which steals cryptocurrency from users in Russia and Eastern Europe. The malware scans clipboard contents for cryptocurrency wallet addresses and replaces them with addresses… read more »
-
Mar 29, 2023
A new report from cybersecurity firm Mandiant sheds light on a previously unknown threat actor operating on behalf of the North Korean regime and using cybercrime to fund its espionage operations. The group, dubbed APT43, is a prolific and aggressive… read more »
-
Mar 27, 2023
According to a recent research from cybersecurity firm Uptycs, a new malware named MacStealer is targeting Apple’s macOS operating system to steal sensitive information, including documents, cookies, and login credentials. The malware primarily affects devices running macOS versions Catalina and… read more »
-
Mar 26, 2023
A new ransomware operation called Dark Power has surfaced, targeting organisations around the world and demanding relatively small ransom payments of $10,000. According to a recent report from cybersecurity firm Trellix, the ransomware uses the Nim programming language, making it… read more »
-
Mar 24, 2023
The US Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the “Untitled Goose Tool”, this Python-based utility can download telemetry information… read more »