-
Apr 5, 2023
According to a report by Cisco Talos, the Typhon Reborn information-stealing malware has returned with an updated version that includes improved capabilities to evade detection and analysis. The new version, which is being offered for sale on the criminal underground,… read more »
-
Apr 4, 2023
Check Point researchers have discovered a new strain of ransomware called Rorschach, with unique characteristics that make it one of the fastest ransomware threats today. The malware was deployed using the DLL side-loading technique via a signed component in Cortex… read more »
-
Apr 4, 2023
CrowdStrike researchers have discovered that SFX archives used to share compressed files with those who do not have WinRAR on their computers are being exploited to hide infected files capable of installing backdoors that bypass operating system security measures. Cybercriminals… read more »
-
Apr 1, 2023
Researchers at cybersecurity firm Cyble have conducted a comprehensive analysis of the supply chain attack targeting customers of 3CX, a VoIP IPBX software development company. The attack has been attributed to North Korean Threat Actors and involves a Trojanized version… read more »
-
Apr 1, 2023
Orca Security researchers discovered a new vulnerability called Super FabriXss (CVE-2023-23383 – CVSS score: 8.2) in Azure Service Fabric Explorer that allows unauthenticated remote code execution. Azure Service Fabric Explorer is a web-based management tool that allows users to visualize… read more »
-
Mar 29, 2023
Google’s Threat Analysis Group (TAG) has released a report stating that commercial spyware vendors have been exploiting zero-day vulnerabilities that were addressed last year in order to target Android and iOS devices. These campaigns were highly targeted and limited, taking… read more »
-
Mar 29, 2023
Since September 2022, trojanised installers for the TOR browser have been used to distribute Clipper malware, which steals cryptocurrency from users in Russia and Eastern Europe. The malware scans clipboard contents for cryptocurrency wallet addresses and replaces them with addresses… read more »
-
Mar 29, 2023
A new report from cybersecurity firm Mandiant sheds light on a previously unknown threat actor operating on behalf of the North Korean regime and using cybercrime to fund its espionage operations. The group, dubbed APT43, is a prolific and aggressive… read more »
-
Mar 27, 2023
According to a recent research from cybersecurity firm Uptycs, a new malware named MacStealer is targeting Apple’s macOS operating system to steal sensitive information, including documents, cookies, and login credentials. The malware primarily affects devices running macOS versions Catalina and… read more »
-
Mar 26, 2023
A new ransomware operation called Dark Power has surfaced, targeting organisations around the world and demanding relatively small ransom payments of $10,000. According to a recent report from cybersecurity firm Trellix, the ransomware uses the Nim programming language, making it… read more »
-
Mar 24, 2023
The US Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the “Untitled Goose Tool”, this Python-based utility can download telemetry information… read more »
-
Mar 22, 2023
Google has released a warning that certain Android phones may be remotely hacked without the need for the victim to interact with anything. The attack can allow a remote user access to call information and text messages being transmitted via… read more »
-
Mar 21, 2023
Chaos Engineering is a practice that aims to identify potential issues and vulnerabilities in a system by deliberately introducing controlled failures. The goal is to expose weaknesses before they cause significant damage in a real-world scenario. Advances in large-scale, distributed… read more »
-
Mar 20, 2023
Security researchers David Buchanan and Simon Aarons have discovered a serious vulnerability in Google Markup, the screenshot editing tool available on Pixel devices. The bug, dubbed “aCropalypse”, allows certain parts of the image to be restored, potentially exposing sensitive information.… read more »
-
Mar 15, 2023
CrowdStrike has discovered a cryptojacking campaign targeting Kubernetes infrastructure, believed to be the first Dero cryptojacking operation. Dero is a private, decentralised application platform that offers enhanced privacy and anonymity compared to other cryptocurrencies. The attack targets Kubernetes clusters exposed… read more »
-
Mar 15, 2023
Microsoft has released 80 security patches for its March 2023 Patch Tuesday rollout. The patches include 9 Critical, 70 Important, and 1 Moderate vulnerabilities. Additionally, there are two actively exploited zero-day vulnerabilities: a Critical elevation of privilege within Microsoft Outlook… read more »
-
Mar 14, 2023
Researchers at Palo Alto Networks Unit 42 have discovered a new malware called GoBruteforcer, written in Golang and targeting web servers running phpMyAdmin, MySQL, FTP and Postgres. The malware scans Classless Inter-Domain Routing (CIDR) blocks and brute-force passwords using a… read more »
-
Mar 13, 2023
In Cyber Threat Intelligence, the collection and analysis of Indicators of Compromise (IOCs) is critical because they provide valuable information that can help organisations detect and respond to cyber threats more effectively. IOCs are pieces of evidence or artefacts that… read more »
-
Mar 11, 2023
Plaso is a Python-based engine that can automatically create timelines from various files found on typical computer systems. It can extract timestamps from file system metadata, log files, registry files, browser history, email archives, and many other sources, and can… read more »
-
Mar 10, 2023
According to a recent report from cybersecurity firm Mandiant, Chinese cybercriminals are targeting unpatched SonicWall gateways with credential-stealing malware that persists through firmware upgrades. The spyware is targeting the SonicWall Secure Mobile Access 100 Series, which provides VPN access to… read more »