Unauthorized Users Utilize Microsoft MSC Files to Distribute Concealed Backdoor in Incidents in Pakistan
Recent observations show that a fresh phishing operation is using tax-related bait to distribute a covert backdoor payload in targeted...
observed
Hidden Snowstorm Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
The Russian state-sponsored group known as Hidden Snowstorm has been spotted utilizing malicious software linked with other cybercriminals to distribute...
The Black Basta Ransomware Enhances its Techniques with Email Flooding, QR Codes, and Manipulation
Those behind the Black Basta ransomware have been seen modifying their strategies, spreading various types of malicious software like Zbot...
Online Criminals Exploiting Cloudflare Passages, DNS Rapid-Change to Conceal GammaDrop Malicious Software
The rogue entity identified as Gamaredon has been detected utilizing Cloudflare Passages as a strategy to hide its staging setup...
Chinese Cybercriminals Exploit GHOSTSPIDER Malware to Breach Telecommunications in Over 12 Countries
Earth Estries, a threat actor associated with China, has been identified employing an undisclosed backdoor named GHOSTSPIDER in its operations...
APT-K-47 Utilizes Hajj-Themed Baits to Deploy Sophisticated Asyncshell Malware
There have been reports of the cybercriminal group called Enigmatic Elephant employing an enhanced variant of malware known as Asyncshell....
Chinese Advanced Persistent Threat Gelsemium Focuses on Linux Systems Using Fresh WolfsBane Backdoor
An advanced persistent threat group linked to China, known as Gelsemium, has been detected employing a recently discovered Linux backdoor...
Sophos Managed Detection and Response (MDR) thwarts and monitors actions from likely Iranian state actor called “MuddyWater”
Observations made by Sophos MDR reveal a recent campaign employing targeted phishing tactics to lure victims into downloading a valid...
Iranian Cybercriminals Employ “Ideal Occupation” Baits to Spread SnailResin Malware in Aerospace Assaults
The Iranian cyber threat actor, recognized as TA455, has been seen adopting a tactic similar to a hacking group from...
Threatening Victims with LockBit’s Reputation: Latest Attacks by Ransomware Syndicates
Villains have been spotted misusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature in ransomware assaults aimed at moving victim...
Malicious Actors Leveraging Docker API Servers for SRBMiner Cryptocurrency Mining Attacks
Oct 22, 2024Ravie LakshmananDocker Security / Cloud Security Unscrupulous individuals have been spotted aiming at Docker remote API servers to...
Hackers Utilize Roundcube Webmail XSS Flaw to Obtain Login Information
Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unidentified attackers have been seen exploiting a now-fixed security vulnerability in the open-source...
The Quiet Menace: Red Team Tool EDRMuffler Disrupting Endpoint Security Solutions
Final Thoughts Through our continuous endeavors to oversee and alleviate emerging risks, we have observed from our internal data that...
Ivanti CSA Flaws Used by Nation-State Hackers to Infiltrate Networks
October 14, 2024Ravie LakshmananNetwork Security / Vulnerability A suspected group of attackers from a nation-state has been spotted exploiting three...
OilRig Leverages Windows Kernel Vulnerability in Espionage Operation Targeting UAE and Gulf Countries
Oct 13, 2024Ravie Lakshmanan The Iranian hacking group referred to as OilRig has been identified exploiting a recently fixed privilege...
