-
Mar 20, 2023
Security researchers David Buchanan and Simon Aarons have discovered a serious vulnerability in Google Markup, the screenshot editing tool available on Pixel devices. The bug, dubbed “aCropalypse”, allows certain parts of the image to be restored, potentially exposing sensitive information.… read more »
-
Mar 15, 2023
CrowdStrike has discovered a cryptojacking campaign targeting Kubernetes infrastructure, believed to be the first Dero cryptojacking operation. Dero is a private, decentralised application platform that offers enhanced privacy and anonymity compared to other cryptocurrencies. The attack targets Kubernetes clusters exposed… read more »
-
Mar 15, 2023
Microsoft has released 80 security patches for its March 2023 Patch Tuesday rollout. The patches include 9 Critical, 70 Important, and 1 Moderate vulnerabilities. Additionally, there are two actively exploited zero-day vulnerabilities: a Critical elevation of privilege within Microsoft Outlook… read more »
-
Mar 14, 2023
Researchers at Palo Alto Networks Unit 42 have discovered a new malware called GoBruteforcer, written in Golang and targeting web servers running phpMyAdmin, MySQL, FTP and Postgres. The malware scans Classless Inter-Domain Routing (CIDR) blocks and brute-force passwords using a… read more »
-
Mar 13, 2023
In Cyber Threat Intelligence, the collection and analysis of Indicators of Compromise (IOCs) is critical because they provide valuable information that can help organisations detect and respond to cyber threats more effectively. IOCs are pieces of evidence or artefacts that… read more »
-
Mar 11, 2023
Plaso is a Python-based engine that can automatically create timelines from various files found on typical computer systems. It can extract timestamps from file system metadata, log files, registry files, browser history, email archives, and many other sources, and can… read more »
-
Mar 10, 2023
According to a recent report from cybersecurity firm Mandiant, Chinese cybercriminals are targeting unpatched SonicWall gateways with credential-stealing malware that persists through firmware upgrades. The spyware is targeting the SonicWall Secure Mobile Access 100 Series, which provides VPN access to… read more »
-
Mar 9, 2023
When it comes to responding to cybersecurity incidents, organisations have several options, including using a Computer Emergency Response Team (CERT), a Computer Security Incident Response Team (CSIRT) or a Security Operations Center (SOC). While these teams may seem interchangeable, there… read more »
-
Mar 9, 2023
The popular open-source password management service, Bitwarden, offers an auto-fill feature that can automatically fill in users’ saved credentials when they visit a website. However, this feature has a potentially dangerous behavior that could allow malicious iframes embedded in trusted… read more »
-
Mar 8, 2023
Chinese threat actor Sharp Panda has targeted high-profile government agencies in Southeast Asia with a cyber espionage campaign using a new version of the Soul modular framework. Cybersecurity firm Check Point has described the activity as “long-running” and has previously… read more »
-
Mar 6, 2023
A new report from cybersecurity firm MITIGA has revealed that malicious actors can exploit a lack of forensic visibility in Google Cloud Platform (GCP) to exfiltrate sensitive data. The research found that GCP does not provide sufficient visibility into its… read more »
-
Mar 5, 2023
CrowdStrike has released its 9th Annual Global Threat Report, which provides a comprehensive overview of threat actor behaviour, tactics and trends over the past year. The report is based on the activities of more than 200 cyber adversaries and covers… read more »
-
Mar 3, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) recently launched a free tool called Decider to help the cybersecurity community map threat actor behaviour to the MITRE ATT&CK Framework. Decider uses a combination of guided questions, efficient search and filtering, and… read more »
-
Mar 2, 2023
According to research recently published by cybersecurity firm Trend Micro, Iron Tiger, a Chinese-speaking threat group known for targeting organisations in East Asia, has created a Linux version of its custom malware known as SysUpdate. The malware is designed to… read more »
-
Feb 28, 2023
Blind Eagle, a financially motivated threat actor also known as APT-C-36, has launched attacks targeting organizations in Colombia and Ecuador since at least 2018. According to a recent report by cybersecurity firm CheckPoint, the group employs government-themed lures and sophisticated… read more »
-
Feb 26, 2023
Researchers at Menlo Security have discovered that a threat actor is targeting government agencies in the Asia-Pacific and North American regions with the PureCrypter malware downloader. The campaign has been seen delivering several types of malware, including Redline Stealer, AgentTesla,… read more »
-
Feb 24, 2023
Analysts at cybersecurity firm Sekoia have uncovered a new strain of malware called StealC, an advanced infostealer designed to steal sensitive data from victims. The malware, which is currently being sold on Dark Web forums, is spread through phishing campaigns,… read more »
-
Feb 23, 2023
Brute Ratel (BRc4) is a Command and Control (C2) framework designed to help attackers evade defence systems and remain undetected while executing malicious commands. Used in simulations of real-world attacks, this tool helps red team members deploy badgers on remote… read more »
-
Feb 22, 2023
A recent research by security company ZScaler, reports that threat actors are increasingly using the Havoc Framework for their malicious activities. Havoc is a toolkit that provides attackers with a wide range of capabilities, such as creating malware, exploiting vulnerabilities,… read more »
-
Feb 21, 2023
A new threat actor, dubbed WIP26 by security firm Sentinel One, has recently been identified that is targeting government agencies and telecommunication service providers in the United States. WIP26 is known to use multiple tactics, techniques and procedures (TTPs) to… read more »