
FARGO ransomware targets vulnerable Microsoft SQL servers in new wave of attacks

Microsoft SQL servers are succumbing to FARGO ransomware, security researchers at AhnLab Security Emergency Response Center (ASEC) have warned. Cybersecurity researchers from AhnLab Security say that the newly detected malware [...]

China-linked TA413 group targets Tibetan entities with new backdoor

A China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), is exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at [...]

BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal

BlackCat ransomware attackers are fine-tuning their malware arsenal in a bid to remain undercover and expand their reach. According to Symantec, “Among some of the more notable developments has been the use of [...]

CISA Urges to Patch ManageEngine Against RCE Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical Java deserialisation bug affecting multiple Zoho ManageEngine products to its Known Exploited Vulnerabilities (KEV) catalogue and warned that the [...]

Hackers Using Malicious OAuth Apps to Take Over Email Servers

Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam. “The [...]

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing

Cybersecurity company Imperva has disclosed that it mitigated a distributed denial-of-service (DDoS) attack with a total of more than 25.3 billion requests on June 27, 2022. According to reports, the [...]

By | September 21st, 2022|Security Advisory, Security Update, Targeted Attacks|0 Comments

Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

Cybersecurity firm Bitdefender published a new decryptor on Friday for LockerGoga, a strain of ransomware best known for its 2019 attack on Norwegian aluminum giant Norsk Hydro. The new decryptor is a [...]

By | September 20th, 2022|Compromised, Malware, Ransomware, Security Advisory, Security Update|0 Comments

Microsoft Teams’ GIFShell Attack

The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that haven't been correctly set. [...]

By | September 20th, 2022|Internet Security, IOC's, Microsoft, Security Advisory, Security Update|0 Comments

Trend Micro Warns of Actively Exploited RCE Flaw in Apex One

Trend Micro recently released a patch for an actively exploited flaw in its endpoint security platform, Apex One. The security software provider published an advisory to report six vulnerabilities and advised their customers [...]

By | September 19th, 2022|Exploitation, RCE Flaw, Security Advisory, Security Update, vulnerability|0 Comments

Hackers Had Access to LastPass’s Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August [...]

By | September 19th, 2022|hackers, malicious cyber actors, Security Advisory, Security Update|0 Comments

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

Researchers believe that hackers with links to the North Korean government have been pushing a trojanized version of the PuTTY networking tool in a bid to hack the networks of organizations they [...]

By | September 16th, 2022|Internet Security, Security Advisory, Security Update|0 Comments

WordPress Sites Compromised Due to FishPig Supply Chain Attack

Threat actors infected FishPig’s distribution server as part of a supply chain attack. The vendor’s service integrates Adobe’s Magento eCommerce platform into WordPress websites. Attackers injected malicious code into FishPig’s software to [...]

By | September 15th, 2022|Malware, Security Advisory, Security Update, Targeted Attacks, Tips, wordpress|0 Comments

Phishing page embeds keylogger to steal passwords as you type

A novel phishing campaign is underway, targeting Greeks with phishing sites that mimic the state's official tax refund platform and steal credentials as they type them. The campaign aims to [...]

Loader Malware Emotet is Now Led by Quantum and BlackCat

Emotet (also known as SpmTools) is a sophisticated, modular banking trojan. Emotet mostly serves as a downloader or dropper of other banking trojans. It is a loader-as-a-service (LaaS). It is mainly distributed by spam emails (malspam). [...]

By | September 14th, 2022|Compromised, Data Breach, Malware, Security Advisory, Security Update|0 Comments

Microsoft’s Latest Security Update Fixes 64 New Flaws, Including a Zero-Day

Microsoft on Tuesday released fixes to eliminate 64 new security flaws across its software lineup, including a zero-day flaw that has been actively exploited in real-world attacks. Of the 64 [...]

By | September 14th, 2022|Microsoft, Security Advisory, Security Update, vulnerability, Zero Day Attack|0 Comments

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple iPhone, iPad, and Mac security update fixes actively exploited zero-day vulnerability, which allows hackers to carry out cyberattacks. Apple iPhone, Mac Security Update Fixes Zero-Day Flaw As per the [...]

Cisco Patches High-Severity Vulnerability in SD-WAN vManage

Cisco has announced patches for a high-severity vulnerability in the binding configuration of SD-WAN vManage software containers. The vulnerability, tracked as CVE-2022-20696, exists because of insufficient protection [...]

Lampion Banking Malware Reappears in WeTransfer Phishing Attacks

Lampion malware operators use the free file-sharing platform WeTransfer to perform phishing attacks. This way, attackers can avoid security alerts since they are tricking users into downloading from a trustworthy service.  The malware [...]

High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices are still waiting to be patched, although some of them have been publicly disclosed since July [...]

By | September 12th, 2022|Security Advisory, Security Update, vulnerability|0 Comments

Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts

A zero-day flaw in a WordPress plugin known as BackupBuddy is being actively exploited, WordPress security firm Wordfence has disclosed. BackupBuddy The BackupBuddy vulnerability impacts versions 8.5.8.0 through 8.7.4.1 and is under attack [...]

North Korean Lazarus hackers take aim at U.S. energy providers

The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada [...]

By | September 9th, 2022|hackers, malicious cyber actors, Security Advisory, Security Update|0 Comments

Cisco Released Patches for Vulnerabilities Affecting Several Products

 Cisco has released updates to address vulnerabilities affecting multiple products. The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network stack of DPDK, which enables a remote attacker to cause [...]

By | September 8th, 2022|cisco, Security Advisory, Security Update, vulnerability|0 Comments

The North Face Warns of Major Credential Stuffing Campaign

Outdoor clothing giant The North Face has notified customers that their account may have been compromised, after noticing unusual activity on its website last month. It detected the credential stuffing attack on [...]

By | September 8th, 2022|Exploitation, Malware, Security Advisory, Security Update, Targeted Attacks|0 Comments

North Korean Hackers Deploying New MagicRAT Malware in Targeted Campaigns

The Lazarus Group, a well-known North Korean nation-state actor, has been connected to the MagicRAT remote access trojan. Lazarus Group, also known as APT38, Dark Seoul, Hidden Cobra, and Zinc, refers [...]

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

A stealthy new form of malware is targeting Linux systems in attacks that can take full control of infected devices – and it is using this access to install crypto-mining [...]

By | September 7th, 2022|Linux Malware, Malware, Security Advisory, Security Update, Targeted Attacks|0 Comments

QNAP Fixes Zero-Day Recently Leveraged by DeadBolt Ransomware

The Taiwanese company QNAP cautions customers about DeadBolt ransomware attacks exploiting a zero-day vulnerability in Photo Station. QNAP detected the issue on September 3. In its security bulletin, QNAP explains that the ransomware exploits this [...]

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security

A new Phishing-as-a-Service (PhaaS) named EvilProxy (also known as Moloch) was seen for sale in dark web forums, according to the Resecurity team. What Does EvilProxy Phishing do ? "EvilProxy actors [...]

SharkBot malware found on Google Play Store stealing login info again

The information stealing and banking data-targeting Android malware was found installed with the help of applications masquerading as antivirus or cleaner applications on the official Google Play Store.  SharkBot The [...]

By | September 5th, 2022|Malware, Mobile Security, Security Advisory, Security Update, Tips|0 Comments

Critical RCE Vulnerability in the Atlassian Bitbucket Server and Data Center

A vulnerability has been discovered in Atlassian Bitbucket Server and Data Center which could allow for remote code execution. Bitbucket is a Git-based source code repository hosting service owned by [...]

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple has released a new iOS 12 build for customers using the older models of iPhones, iPads and even iPod. The software update comes with a fix for security vulnerability [...]

By | September 1st, 2022|apple, Exploitation, IOC's, malicious cyber actors, Security Update|0 Comments

New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim

Cybersecurity company Trend Micro is raising the alarm on a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Agenda Ransomware Agenda targets [...]

Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks

Google on Tuesday announced it's launching a new bug bounty program that focuses specifically on open-source software.  The payouts will range from $100 to $31,337 depending on the severity of the [...]

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

The threat actor behind the SolarWinds supply chain attack has been connected to yet another “extremely specific” post-exploitation malware that could be used to maintain persistent access to compromised [...]

Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations

The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative [...]

By | August 26th, 2022|Data Breach, hackers, Security Advisory, Security Update|0 Comments

LastPass developer systems hacked to steal source code

Password management firm LastPass was hacked last week, allowing threat actors to steal the company’s source code and proprietary technical information. LastPass Developer It is one of the largest password [...]

By | August 26th, 2022|Compromised, Security Advisory, Security Update|0 Comments

Crypto Miners Using Tox P2P Messenger as Command and Control Server

Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier role as a contact [...]

Hackers Using Fake DDoS Protection Pages to Distribute Malware

Security experts from Sucuri recently spotted JavaScript injections targeting WordPress sites to display fake DDoS protection pages that lead victims to download remote access trojan malware. WordPress, DDoS, malware Hacked [...]

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software

GitLab released patches that fix a critical remote code execution vulnerability. It is tracked as CVE-2022-2884 with a CVSS score of 9.9. This critical vulnerability in the GitHub Import API can be exploited by [...]

By | August 24th, 2022|Security Advisory, Security Update, vulnerability|0 Comments

Meet Borat RAT, a New Unique Triple Threat

Atlanta-based cyber risk intelligence company Cyble discovered a new Remote Access Trojan (RAT) malware. RAT Malware RAT malware generally helps cybercriminals gain complete control of a victim’s system, [...]

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. Grandoreiro Malware: keylogging; auto-updating for newer versions and modules; web-injects and [...]

Apple security updates fix 2 zero-days used to hack iPhones, Macs

Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Apple has released an emergency security [...]

Windows KB5012170 update causing BitLocker recovery screens, boot issues

Windows users who have installed a new KB5012170 security update for Secure Boot have encountered various issues, ranging from boots failing with BitLocker Recovery prompts to performance issues. During the [...]

By | August 17th, 2022|Internet Security, Microsoft, Security Advisory, Security Update|0 Comments

Researchers found one-click exploits in Discord and Teams

A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, Slack and many others, which are used by tens of [...]

By | August 16th, 2022|Internet Security, Microsoft, Security Advisory, Security Update|0 Comments

Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

Reports from cybersecurity firms SEKOIA and Trend Micro confirm that a new effort by the Chinese threat actor Lucky Mouse involves using a trojanized version of a cross-platform messaging software to backdoor devices.  An [...]

SOVA malware adds ransomware feature to encrypt Android devices

Sova malware adds new features that make it more dangerous to a wider range of Android payment and banking app users. SOVA Malware The Sova Android banking malware first appeared [...]

Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks

Threat actors are exploiting a vulnerability, tracked as CVE-2022-0028, a high-severity issue in Palo Alto Networks devices running PAN-OS, to launch reflected amplification denial-of-service attacks. PAN-OS DDOS flaw The root [...]

Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Two high-severity issues are related to vulnerabilities in [...]

Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen

Cisco confirmed today that the Yanluowang ransomware group infiltrated its corporate network in late May and that the actor attempted to blackmail them, threatening to leak stolen files online. Yanluowang [...]

By | August 11th, 2022|cisco, Data Breach, Ransomware, Security Advisory, Security Update|0 Comments

Experts Uncover Details on Maui Ransomware Attack by North Korean Hackers

The first-ever incident possibly linked to the ransomware family known as Maui occurred on April 15, 2021, and targeted an unnamed Japanese housing company. Kaspersky’s disclosure comes a month after [...]

By | August 11th, 2022|Malware, Ransomware, Security Advisory, Security Update|0 Comments

Windows 11 KB5016629 update fixes Start Menu, File Explorer issues

Microsoft has released the Windows 11 KB5016629 cumulative update with security updates, improvements, including fixes for File Explorer and the Start Menu and a new Focus Assist feature. What's new [...]

By | August 10th, 2022|Internet Security, Microsoft, Security Advisory, Security Update|0 Comments

Microsoft: Exchange ‘Extended Protection’ needed to fully patch new bugs

Microsoft says that some of the Exchange Server flaws addressed as part of the August 2022 Patch Tuesday also require admins to manually enable Extended Protection on affected servers to [...]

By | August 10th, 2022|Microsoft, Security Advisory, Security Update, Software Issues, Tips|0 Comments

CISA warns of Windows and UnRAR flaws exploited in the wild

The U.S. Cybersecurity and Infrastructure Security Agency has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation. CVE-2022-34713 and informally referred to [...]

By | August 10th, 2022|Compromised, Malware, Security Update, Targeted Attacks, vulnerability|0 Comments

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. RapperBot Malware RapperBot has limited DDoS capabilities, it [...]

New GwisinLocker ransomware encrypts Windows and Linux ESXi servers

A new ransomware family called ‘GwisinLocker’ targets South Korean industrial and pharmaceutical companies.  GwisinLocker ransomware ReversingLabs researchers discovered a new ransomware family targeting Linux-based systems. The malware, dubbed GwisinLocker was [...]

By | August 8th, 2022|malicious cyber actors, Malicious extension, Malware, Ransomware, Tips|0 Comments

Critical RCE vulnerability impacts 29 models of DrayTek routers

Researchers at Trellix have discovered a critical unauthenticated remote code execution (RCE) vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability is tracked as CVE-2022-32548 [...]

By | August 5th, 2022|DrayTek, Security Advisory, Security Update, vulnerability|0 Comments

Russian organizations attacked with new Woody RAT malware

On Wednesday, hackers attacked Russian organizations with newly discovered malware that allows them to take control of and steal information from compromised devices remotely. According to Malwarebytes, one of the Russian [...]

VMware Releases Patches for Several New Flaws Affecting Multiple Products

VMware on Tuesday released updates to address 10 security flaws affecting several products that could be used by unauthenticated attackers to perform malicious activities. CVE-2022-31656 to CVE-2022-31665 Issues tracked from [...]

By | August 4th, 2022|Security Advisory, Security Update, vmware, vulnerability|0 Comments

VirusTotal Reveals Most Impersonated Software in Malware Attacks

Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering [...]

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

The operators of the Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims. All about GootKit : The Gootkit Access-as-a-Service (AaaS) malware's operators have reemerged with [...]

North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts

A group of North Korean hackers is using a rogue Microsoft Edge or Chrome plugin to track or access user email accounts. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, [...]

Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network

The decentralized file system solution known as IPFS is becoming the new "hotbed" for hosting phishing sites, researchers have warned. What’s with IPFS and why do attackers use it? IPFS [...]

LibreOffice Releases Software Update to Patch 3 New Vulnerabilities

The team behind LibreOffice has released security updates to fix three security flaws in the productivity software, one of which could be exploited to achieve arbitrary code execution on affected [...]

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a “long lasting persistence mechanism.” Microsoft 365 Defender Research Team released a [...]

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The [...]

Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists

An Israeli spyware outfit turned the actively exploited, but now patched, Google Chrome zero-day flaw into a weapon that it deployed to attack Middle Eastern journalists. Candiru Spyware The exploitation [...]

Microsoft Resumes Blocking Office VBA Macros by Default After ‘Temporary Pause’

Microsoft announced today that it resumed the rollout of VBA macro auto-blocking in downloaded Office documents after temporarily rolling it back earlier this month following user feedback. Earlier this February, Microsoft [...]

By | July 25th, 2022|Internet Security, Microsoft, Security Advisory, Security Update|0 Comments

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems

A never-before-seen Linux malware has been dubbed a “Swiss Army Knife” for its modular architecture and its capability to install rootkits. Lightning Framework This previously undetected [...]

Atlassian fixes critical Confluence hardcoded credentials flaw

Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable, unpatched servers. One of the flaws – CVE-2022-26136 – [...]

By | July 21st, 2022|Security Advisory, Security Update, vulnerability|0 Comments

Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users

Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovakian cybersecurity company ESET, is said to exclusively use [...]

By | July 20th, 2022|Security Advisory, Security Update, vulnerability|0 Comments

Russian Hackers Using DropBox and Google Drive to Drop Malicious Payloads

State-backed hackers who are part of the Russian Federation's Foreign Intelligence Service (SVR) have started using the legitimate Google Drive cloud storage service to evade detection. APT29, also tracked under the monikers Cozy Bear, [...]

By | July 20th, 2022|Security Advisory, Security Update, Tips|0 Comments

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals

Researchers have published a paper that demonstrates how a hacker could extract data from an otherwise secure system via its SATA cable. The attack uses the SATA cable itself [...]

Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise

Netwrix IT asset tracker and compliance auditor, used across more than 11,500 organizations, contains a critical Insecure Object Deserialization vulnerability that could lead to Active Directory domain compromise. Netwrix The firm [...]

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS. Two advisories describing a total of [...]

New UEFI firmware flaws impact over 70 Lenovo laptop models

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations. Lenovo [...]

Amazon squashes years-old authentication bugs in AWS Kubernetes service

AWS fixed three authentication bugs present in one line of code in its IAM Authenticator for Kubernetes, used by the cloud giant's popular managed Kubernetes service Amazon EKS, that could [...]

By | July 13th, 2022|Internet Security, Security Advisory, Security Update|0 Comments

ChromeLoader: New Stubborn Malware Campaign

A new browser hijacker/adware campaign named ChromeLoader, also known as Choziosi Loader and ChromeBack, was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands [...]

Microsoft: Windows Autopatch is now generally available

Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. Microsoft Auto Patch Microsoft's new auto patch service It [...]

By | July 12th, 2022|Internet Security, Microsoft, Security Advisory, Security Update|0 Comments

Checkmate Ransomware Targets QNAP SMB Services

New Checkmate ransomware has been discovered targeting QNAP NAS devices. Although the attacks are still being investigated, it is known that these new ransomware attacks come through SMB services that are accessible via the internet. QNAP [...]

TrickBot Gang Shifted its Focus on “Systematically” Targeting Ukraine

The operators of the TrickBot malware have resorted to systematically targeting Ukraine since the onset of the war. The group is believed to have orchestrated at least 6 phishing campaigns [...]

Hive Ransomware Upgraded to Rust to Deliver More Sophisticated Encryption

Researchers from Microsoft Security have spotted an upgraded version of the ransomware-as-a-service (RaaS) dubbed Hive. Hive Ransomware Hive was first detected in June 2021, with the data-encrypting software being offered [...]

Researchers Warn of New OrBit Linux Malware That Hijacks Execution Flow

A new and entirely undetected Linux threat dubbed OrBit signals a growing trend of malware attacks targeting the operating system. Orbit Malware The malware gets its name from one of the [...]

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms

Researchers have uncovered a software supply-chain attack involving packages hosted on the Node Package Manager (npm), which is the package manager for the Node.js JavaScript platform. The campaign leveraged malicious [...]

GitLab patches critical RCE bug in latest security release

GitLab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in all versions of GitLab, [...]

By | July 5th, 2022|Data Breach, Security Advisory, Security Update, vulnerability|0 Comments

Microsoft: Raspberry Robin worm already infected hundreds of networks

Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary; the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated [...]

Jenkins discloses dozens of zero-day bugs in multiple plugins

The Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open-source automation server. 29 of these bugs are zero-days still waiting to be patched. It is a [...]

AstraLocker 2.0 infects users directly from Word attachments

AstraLocker 2.0 is a ransomware variant belonging to the Babuk family. Its second major version was recently released, and according to threat analysts, its operators are involved in rapid attacks that drop [...]

By | July 1st, 2022|Malware, Ransomware, Security Advisory, Security Update|0 Comments

New ZuoRAT malware targets SOHO routers in North America, Europe

A multistage remote access trojan (RAT) named ZuoRAT has been targeting remote workers with the help of small office/home office (SOHO) routers across North America and Europe since 2020. [...]

Android Malware Called ‘Revive’ Poses as 2FA App For Spain’s BBVA Bank 

The 2FA application necessary to access BBVA bank accounts in Spain is impersonated by a new Android banking malware called Revive. Instead of aiming to infect consumers of various financial [...]

Microsoft Exchange bug abused to hack building automation systems

A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access [...]

By | June 29th, 2022|Internet Security, IOC's, Security Advisory, Security Update|0 Comments

Critical Security Flaws Identified in CODESYS ICS Automation Software

CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. The vulnerability [...]

Attackers exploited a zero-day in Mitel VOIP devices to compromise a network

CrowdStrike researchers recently investigated the compromise of a Mitel VOIP appliance as an entry point in a ransomware attack against the network of an organization.  Mitel VOIP Mitel VOIP devices [...]

Dark Web Profile: Netwalker Ransomware

Many ransomware gangs have attempted and failed to quake the cybersecurity landscape. But some have broken through and even rearranged it with their obfuscatory cyberattack methods. Netwalker ransomware is an example of such a [...]

Malicious Windows ‘LNK’ attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. Some of the prevalent malware families [...]

Chinese hackers use ransomware as decoy for cyber espionage

Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western firms are deploying ransomware as a decoy. The use of ransomware in espionage operations [...]

Google patched 14 vulnerabilities with release of Chrome 103

Google announced the release of Chrome 103 to the stable channel with patches for a total of 14 vulnerabilities, including nine reported by external researchers. CVE-2022-2156, which is described as [...]

Chinese hackers target script kiddies with info-stealer trojan

Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group. Tropic Trooper was previously observed targeting the Philippines, Hong Kong and Taiwan; while the two latest [...]

Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware

The Ukrainian CERT is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. This [...]

VMware Spring Cloud Function DoS Vulnerability

In VMware Spring Cloud Function versions 3.2.5 and older unsupported versions, it is possible for a user who directly interacts with framework-provided lookup functionality to cause denial of service [...]

By | June 21st, 2022|Security Advisory, Security Update, VMware, vulnerability|0 Comments

New ToddyCat APT group targets Exchange servers in Asia, Europe

An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year. While monitoring the group’s activity, [...]

BRATA Malware Becomes an Advanced Threat

The malicious attacker driving the BRATA banking trojan has upgraded its techniques and added information-stealing features to the malware. Cleafy, an Italian mobile security firm, has followed BRATA activity and [...]

By | June 21st, 2022|IOC's, Malware, Mobile Security, Security Advisory, Security Update|0 Comments

730K WordPress Sites Force-Updated To Patch Critical Plugin Bug

WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated this week to a new build that addresses a critical security vulnerability. The [...]

By | June 20th, 2022|Compromised, Security Advisory, Security Update, vulnerability|0 Comments

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 - The package com.alibaba:fastjson before [...]

By | June 20th, 2022|Security Advisory, Security Update, Tips, vulnerability|0 Comments

Ransomware Gang Creates Site for Victims to Search for Their Stolen Data

The ALPHV ransomware gang, also known as BlackCat, has created a dedicated website that allows the customers and employees of their victims to check if their data was stolen in [...]

Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike

The "Blue Mockingbird" group has targeted Telerik UI vulnerabilities to compromise servers. The threat actor installed the Cobalt Strike beacon and mined Monero. The flaw leveraged by the attacker is CVE-2019-18935, a critical severity that [...]

New Hertzbleed side-channel attack affects Intel, AMD CPUs

A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and frequency scaling (DVFS). This is [...]

Citrix Releases Security Updates for Application Delivery Management

Citrix has released security updates to address vulnerabilities in application delivery management. An attacker could exploit these vulnerabilities to take control of an affected system. Corruption of the system by [...]

By | June 15th, 2022|Citrix, Security Advisory, Security Update|0 Comments

New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

Zimbra is an enterprise-level email solution, similar to Microsoft Exchange. It comes with mail servers, load balancing features, a powerful web interface, and more.  Tracked as CVE-2022-27924 (CVSS score: 7.5), [...]

Hello XD ransomware now drops a backdoor while encrypting

Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying stronger encryption. Instead, it prefers to direct the impacted victim to negotiations through TOX [...]

By | June 14th, 2022|Ransomware, Security Advisory, Security Update, Tips|0 Comments

New Vytal Chrome extension hides location info that your VPN can’t

A new Google Chrome browser extension called Vytal prevents webpages from using programming APIs to find your geographic location, even when you are using a VPN. Many people use VPNs to [...]

Cuba ransomware returns to extorting victims with updated encryptor

A new binary sampled by Trend Micro included minor additions and changes that make the malware more dangerous. More importantly, though, it shows that the operation is still alive and [...]

By | June 9th, 2022|Ransomware, Security Advisory, Security Update|0 Comments

Qbot malware now uses Windows MSDT Zero-Day in phishing attacks

In phishing assaults, the Qbot malware now uses the Windows MSDT zero-day. A serious Windows zero-day vulnerability known as Follina is currently being actively exploited in continuing phishing campaigns to [...]

By | June 8th, 2022|Compromised, Malware, Tips, Zero Day Attack|0 Comments

DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

The number of DeadBolt-infected devices is considerably high for a ransomware family that is exclusively targeting NAS devices. The goal of DeadBolt actors is to infect as many victims as possible [...]

By | June 7th, 2022|Ransomware, Security Advisory, Security Update, Tips|0 Comments

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

LuoYu, a Chinese-speaking hacking group, is infecting victims with the WinDealer information stealer that installs backdoors to maintain persistence. The stealer performs man-on-the-side attacks. WinDealer A malicious Windows tool named [...]

By | June 7th, 2022|Malware, Security Advisory, Security Update, Tips|0 Comments

Unpatched Atlassian Confluence vulnerability is actively exploited

Researchers found a vulnerability in Atlassian Confluence by conducting an incident response investigation. Atlassian rates the severity level of this vulnerability as critical. Atlassian has issued a security advisory and is working on [...]

Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

The CISA is releasing this CSA to warn organizations that malicious cyber actors, likely APT actors, are exploiting VMware vulnerabilities CVE-2022-22954 and CVE-2022-22960 separately. These vulnerabilities affect certain VMware versions [...]

By | June 6th, 2022|Exploitation, malicious cyber actors, VMware, vmware, vulnerability|0 Comments

Analysis of the Massive NDSW/NDSX Malware Campaign

The "Parrot TDS" campaign involved more than 16,500 infected websites. Such massive infections don't go unnoticed by Sucuri, which immediately recognized that the infection in their writeup belonged to the [...]

Microsoft Security: Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group that the Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics [...]

Conti ransomware targeted Intel firmware for stealthy attacks

Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. The ME is an embedded [...]

By | June 2nd, 2022|Ransomware, Security Update, Targeted Attacks, Tips|0 Comments

VMware and F5 BIG-IP flaws are being exploited by EnemyBot

EnemyBot, a botnet derived from many pieces of malware codes, extends its overall reach by rapidly incorporating exploits for previously detected severe vulnerabilities in web servers, content management systems, IoT, [...]

By | June 2nd, 2022|BOTNET, IOC's, Malware, Security Advisory, vulnerability|0 Comments

XLoader botnet now uses probability theory to hide its servers

Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware’s [...]

By | June 1st, 2022|BOTNET, Internet Security, Malware, Security Advisory, Tips|0 Comments

New Microsoft Office Zero-Day Exploit in the Wild

Security researchers recently discovered a new Microsoft Office zero-day flaw (Follina) exploited in PowerShell remote code execution attacks. The new vulnerability, tracked as CVE-2022-30190, would let hackers execute malicious PowerShell commands through [...]

Windows malware uses PowerShell to inject malicious extension into Chrome

The malware is designed to install malicious extension(s) onto browsers. Currently, two distinct variants of ChromeLoader have been detected - one targeting Windows Operating Systems and another - Mac Operating [...]

Austria hit by BlackCat Ransomware, which demands $5 Million

The Austrian federal state of Carinthia was attacked on Tuesday, and government services were severely disrupted as more workstations were apparently locked by the attacker. BlackCat, also called ALPHV, a [...]

Critical Vulnerabilities Identified in OAS Platform

Open Automation Software (OAS) has been identified with vulnerabilities by researchers. These vulnerabilities are getting exploited by the threat actors. OAS is a platform that allows data connection between Industrial [...]

Automobile Manufacturer – General Motors under Credential Stuffing Attack

General Motors released a report last week about a data breach at the company that occurred between the 11th and 29th of April. However, the cause of this [...]

Further Analysis into BPFDoor reveals about Vulnerability Exploitation

BPFDoor is a traditional backdoor that had been exploited against government, telecommunication, education and logistics organizations for at least several years. This was possible because it has been [...]

By | May 26th, 2022|Data Breach, Exploitation, IOC's, Malware, Targeted Attacks|0 Comments

SpiceJet hit by Ransomware, Flight services are slowed down

SpiceJet is an airline that has been providing air transport services for a long time. It offers flights to various destinations for its customers. According to its website, the airline has a fleet of [...]

By | May 25th, 2022|Compromised, Ransomware, Software Issues|0 Comments

Cobalt Strike loaded with Malicious Python Packages

A malicious Python package named “pymafka” was found in the PyPI registry by Sonatype’s automated malware detection bots. The name “pymafka” is similar to “pykafka”, a popular and legitimate programmer-friendly [...]

NIKKEI Hit by Ransomware Attack – Not the First Time

Nikkei announced on Thursday that its server at its Asian headquarters in Singapore was hit by a ransomware attack. This attack has been reported to the Japanese and the [...]

PDF Documents Carrying Snake KeyLogger – Info Stealer

Microsoft Office Files are exploited for social engineering lures (especially Excel and Word), as these file formats are highly preferred by the public. The users are comfortable because the applications [...]

Lazarus targeting on VMware – Log4J Vulnerability Still Active

VMware servers are targeted again by the North Korean Hackers called Lazarus. The CVE-2021-44228 is exploited again to bring impact to a variety of products including the VMware Horizon Servers. [...]

Phishing attacks targeting Microsoft Windows Users with three Malwares

A sophisticated phishing campaign has started targeting Windows users. But this campaign differs from other phishing attacks as it installs three malwares into the victim’s system. The phishing attack is [...]

Fake Mobile Apps to steal your Credentials and Private Keys

Recent observation by researchers of the Google Play Store showed that a number of applications are malicious to the user. The malicious activities performed include the stealing of credentials, private information [...]

Increasing Investors in NFT leads Hackers to Target NFT Sites

Due to the rising interest in the Pixelmon NFT site, threat actors have turned their attention towards it. Pixelmon is an open-world RPG NFT game. The player can [...]

By | May 16th, 2022|Compromised, Exploitation, Malware, Tips|0 Comments

BPFDoor with Firewall Security evasion, Linux Specific

Recently, BPFDoor - a malware was brought to light after years under the radar. It allows a threat actor to backdoor a system for remote code execution. It does not [...]

By | May 13th, 2022|Compromised, Exploitation, Malware, Targeted Attacks|0 Comments

Ramping efforts of Russian Hackers against the Satellites of SpaceX

Starlink is a satellite Internet company owned by Elon Musk, and it was activated in Ukraine after Russia crippled the country's communication systems during the ongoing war. Starlink Resistance Recently, Musk [...]

By | May 12th, 2022|Targeted Attacks|0 Comments

Microsoft Exchange Servers affected by Post-Exploitation Malware

A post-exploitation malware framework has been deployed on the Microsoft Exchange servers of organizations in various sectors across multiple regions. This campaign seems to be gathering intelligence and is tethered to [...]

By | May 12th, 2022|Compromised, Exploitation, Malware, Microsoft, Targeted Attacks|0 Comments

F5 Released Security Patches for the “CVE-2022-1388” – Act Immediately

Admins have been warned by security researchers about a critical Remote Code Execution (RCE) flaw in the F5 BIG-IP. Last week F5, a security and application delivery solutions provider, released its security [...]

By | May 10th, 2022|Internet Security, Ransomware, Security Update, Tips|0 Comments

“Fileless Malware” with a New Form of Cover-Up

Researchers have discovered a new malicious campaign using a never-before-seen technique for injecting fileless malware on target systems. Fileless malware is far from traditional malware that exploits executable files to [...]

By | May 10th, 2022|IOC's, Malware, Security Update, Software Issues, Tips|0 Comments

A Data Breach at IKEA, Canada – Company confirms

IKEA Canada has notified Canada’s Office of Privacy Commissioner (OPC) after the personal information of 95k Canadian customers appeared in a data breach. In a statement provided, the furniture retailer [...]

By | May 9th, 2022|Data Breach, Internet Security, Mobile Security|0 Comments

CISCO NFV Zero-day Vulnerability

Cisco has released software updates that address the Enterprise Network Function Virtualization Infrastructure Software (NFVIS) vulnerabilities. The security updates recently released contains three vulnerabilities that affect Cisco Enterprise NFVIS in [...]

Critical Vulnerability in Common Enterprise Switches and more…

TLStorm - a group of vulnerabilities found while implementing TLS (Transport Layer Security) in multiple models of network switches. This unofficially named, TLStorm 2.0 – a similar one with three vulnerabilities [...]

By | May 5th, 2022|Internet Security, Security Update, Software Issues|0 Comments

Beware Corporate, Mergers & Acquisitions are being targeted!

Recently uncovered espionage threat actors are targeting employees specializing in mergers and acquisitions to facilitate mass email collection from the victim’s environments. Also focusing on the [...]

CERT-In advisory for Indian Organization – All You Need to Know !!

In the past week, we could see that a lot of Indian organizations were under targeted attack and were compromised. Now we can see that CERT-In has become active and provided guidelines for organizations. [...]

By | April 29th, 2022|Internet Security, Regulation, Security Advisory, Security Update|0 Comments

Is Black Basta Ransomware a Beast? Sounds like it is.

Black Basta, a new ransomware has started its play during the month of April, with a start of approximately ten to fifteen companies. The first KNOWN attack of this group [...]

By | April 28th, 2022|Compromised, Data Breach, Ransomware, Tips|0 Comments

Why Indian Companies are not taking the Cyber Attack Seriously?

Are they not understanding the aftermath of hacking? The article we released on Monday about the "Stormous Ransomware" group targeting Indian companies contained the list of websites targeted [...]

By | April 27th, 2022|Ransomware, Targeted Attacks, Tips|1 Comment

Indian Companies are under Targeted Attack – Financially motivated

Security researchers identified "Stormous ransomware campaigns" targeting multiple organizations, especially Indian organizations, for financial motivation. This group especially connects with attackers through Telegram channels and Onion websites. Recently they have [...]

By | April 25th, 2022|Targeted Attacks|0 Comments

The Duck has Started Mining Again – As per CrowdStrike Researchers

OUTLINE The Emerging growth of the Digital Currencies also develops the need of protection from unforeseen hazards. The “LemonDuck” botnet, already in existence, is now targeting the Docker APIs for [...]

By | April 22nd, 2022|BOTNET|0 Comments

Windows 11 Upgrade – Fake Campaign is back Again & Again to steal the rest of what you have.

OVERVIEW Attack was active on Feb-08-2022 through RedLine Malware, now it’s more effective and researchers named that as “Inno Stealer”. According to CloudSEK, the threat actors have fabricated a website [...]

By | April 21st, 2022|Compromised, Malware, Microsoft|2 Comments

Digital Currency Exchanges and Users are under Targeted Attack by North Korean – TraderTraitor

TraderTraitor – North Korean Group targeting the Blockchain companies and NFT trading platforms to heist your NFT’s and Digital Crypto Coins. FBI, CISA and US Treasury Department released Joint Cyber [...]

By | April 20th, 2022|IOC's, Malware, Targeted Attacks, Tips|1 Comment

Security Update — BIG-IP APM AD Authentication Vulnerability

Security Advisory Description BIG-IP APM AD (Active Directory) authentication can be bypassed using a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) [...]

By | April 29th, 2021|Security Update, Targeted Attacks|0 Comments

Security Vulnerability Update — Siemens Mendix Applications

Siemens released a security update for Siemens Mendix Applications — prone to an elevation of privilege vulnerability. Privilege Escalation — CVE-2021-27394 Security researchers discovered elevation [...]

By | April 25th, 2021|Security Update|0 Comments

Security Vulnerability Update — Adobe RoboHelp Privilege Elevation

Adobe released vulnerability update for RoboHelp — prone to an elevation of privilege vulnerability. Elevation of Privilege Adobe RoboHelp is a Help Authoring Tool (HAT) that allows you to create help systems, [...]

By | April 25th, 2021|Security Update|0 Comments

Passwordstate Password Manager Installs Backdoor — Supply Chain Attack

Passwordstate app's update hijacked to install malware in a supply-chain attack after breaching its networks. Supply Chain Attack — Passwordstate Passwordstate password management app notified users on a supply chain attack [...]

By | April 24th, 2021|Data Breach, Mobile Security, Targeted Attacks|0 Comments

ToxicEye Remote Access Trojan Exploits Telegram For C&C

To steal data from victims and update itself to perform additional malicious activities — Telegram exploited by Remote Access Trojan ToxicEye Trojan Exploits Telegram Operators of a new Remote Access [...]

By | April 23rd, 2021|Ransomware, Targeted Attacks|0 Comments

Zero-Day Security Vulnerability — Pulse Connect Secure VPN

Attackers are exploiting zero-day in Pulse Secure VPNs to breach organisations — (CVE-2021-22893) 0-Day Vulnerability Security mitigations released for zero-day vulnerability to assist with determining if systems have been impacted. [...]

By | April 21st, 2021|Security Update, Zero Day Attack|1 Comment

Critical Remote Code Execution Vulnerability — Juniper OS

During external security research a CRITICAL remote code execution vulnerability discovered in overlayd service. CVE-2021-0254 — JUNOS Description A buffer size validation vulnerability in the overlayd service of Juniper Networks [...]

By | April 17th, 2021|Security Update, Software Issues|0 Comments

Apache Critical Security Vulnerability — CVE-2021-27850

Apache released security updates for bypass of older vulnerability — Arbitrary Code Execution Apache Tapestry — Arbitrary Code Execution Vulnerability A critical unauthenticated remote code execution vulnerability was found all [...]

By | April 16th, 2021|Security Update, Software Issues|0 Comments

Critical Security Vulnerability Update — Adobe Photoshop

Adobe has released updates for Windows and macOS for CRITICAL severity vulnerabilities in Photoshop. Photoshop Vulnerability Multiple vulnerabilities were found in Adobe Photoshop. Security updates were released for the below [...]

By | April 16th, 2021|Security Update|0 Comments

Pierre Fabre Group Hit By REvil Cyber Attack — $25 million Ransom

Leading pharmaceutical group Pierre Fabre confirmed a REvil ransomware attack — demanded a $25 million ransom. REvil Ransomware, also known as Sodinokibi, is another strain of ransomware that infects a system [...]

By | April 10th, 2021|Ransomware, Targeted Attacks|0 Comments

Gigaset Mobile Users Targeted Via Hacked Update Server

Android Device Malware Attack Malware infection detected in Gigaset Android devices as external update server got compromised. Gigaset is a German manufacturer of telecommunications devices, including a series of smartphones [...]

By | April 10th, 2021|Mobile Security, Targeted Attacks|0 Comments

Multiple Security Vulnerabilities Affecting Cisco Products

Cisco has released security updates regarding multiple vulnerabilities — considered as CRITICAL severity. Vulnerability Advisory Cisco Small Business Routers — CVE-2021-1459 Description: A vulnerability in the web-based management interface of [...]

By | April 8th, 2021|Security Update|0 Comments

SAP Applications Are Critical Against Old Vulnerabilities

Threat actors targeting widely deployed, mission-critical SAP applications — exposing the networks of commercial and government organizations to attacks. High Severity Attack Critical vulnerabilities in unpatched SAP applications are being [...]

By | April 7th, 2021|Security Update, Targeted Attacks|0 Comments

Critical Vulnerability Update — VMware Carbon Black Cloud Workload Appliance

Security update is available to remediate the critical vulnerability addressing VMware Carbon Black Cloud Workload appliance. CVE-2021-21982 — Bypass Authentication Description A URL on the administrative interface of the VMware [...]

By | April 7th, 2021|Security Update, Software Issues|0 Comments

LinkedIn Phishing Job Offers Targeting Professionals

Fake job offer — phishing campaigns delivering backdoor, targeting job professionals in LinkedIn. LinkedIn Spear-Phishing eSentire’s research team, the Threat Response Unit (TRU), discovered that hackers are spear-phishing victims with [...]

By | April 6th, 2021|Targeted Attacks|0 Comments

Privilege Escalation Vulnerability In Umbraco

Researcher identified in Umbraco CMS — privilege escalation vulnerability allowing attackers to access resources which are normally accessible only by higher-privileged users. Umbraco CMS — CVE-2020-29454 Description: Editors/LogViewerController.cs in Umbraco [...]

By | April 3rd, 2021|Security Update, Targeted Attacks|0 Comments

Attackers Targeting Fortinet FortiOS Servers Using Multiple Exploits

The FBI and CISA warn — APT actors are scanning Fortinet FortiOS for vulnerabilities — to gain access for multiple high-level service networks. FortiOS Vulnerability In March 2021 the Federal [...]

By | April 3rd, 2021|Security Update, Targeted Attacks|0 Comments

Google Chrome Security Vulnerabilities — Stable Channel Update

Chrome - the Stable channel updated to 89.0.4389.114 for Windows, Mac and Linux. Vulnerability Update Chrome addressed 8 security vulnerabilities. Importantly, the update includes HIGH severity vulnerabilities. However, below [...]

By | April 1st, 2021|Security Update|0 Comments

Android Malware Steals Data Poses As Security Update

Researchers uncovered malware posing as System Update — takes control of the device, steals almost all the data, and performs a variety of invasive actions. System Update Steals Data Latest [...]

By | March 29th, 2021|Mobile Security, Targeted Attacks|0 Comments

Critical Vulnerability SQL Injection, XSS Attacks — MyBB Security Update

MyBB released security updates for multiple vulnerabilities including SQL injection, XSS attacks, bypassing issues. Security Vulnerability MyBB is the free and open source forum software powering thousands of engaging, vibrant, and unique [...]

By | March 20th, 2021|Security Update|1 Comment

Security Vulnerability Update — Intel Cell Modem

A security vulnerability update released by Intel to mitigate this potential vulnerability. CVE-2020-24482 — Intel 7360 Cell Modem Description: Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before [...]

By | March 18th, 2021|Security Update, Software Issues|0 Comments

Security Vulnerability Update — Adobe Framemaker

Adobe has released security updates for its products causing Boundary Condition problem. CVE-2021-21056 — Adobe Framemaker Adobe has released a security update for Adobe Framemaker. The specific flaw exists within the parsing of [...]

By | March 16th, 2021|Security Update, Software Issues|0 Comments

DearCry Ransomware Targets Exchange Servers Using ProxyLogon vulnerability

Threat actors are using the recently disclosed zero-day ProxyLogon vulnerabilities — installing a new strain of ransomware called DEARCRY in Exchange servers. Zero-Day Exchange Vulnerability Earlier this month, Microsoft revealed [...]

By | March 14th, 2021|Ransomware, Zero Day Attack|0 Comments

Another Zero-Day Bug Fix — Google Chrome Security Update

Google fixed another 0-day vulnerability in Chrome browser within a month. CVE-2021-21193 — Chrome Zero-Day A new zero-day vulnerability CVE-2021-21193 was addressed by Google. Earlier this month, Google released an update for [...]

By | March 13th, 2021|Security Update, Software Issues, Zero Day Attack|0 Comments

FortiProxy SSL-VPN — Security Vulnerability Update

Fortinet released security fix for the vulnerability — Security ByPass CVE-2021-22128 — FortiProxy SSL VPN FortiProxy — a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection [...]

By | March 12th, 2021|Security Update|0 Comments

Apple Security Vulnerability Update For Critical Bug

Apple has released security updates for a severe vulnerability affected in Apple Safari, macOS Big Sur, iOS, iPadOS and watchOS. CVE-2021-1844 — Multiple Apple Products Multiple Apple products are vulnerable [...]

By | March 9th, 2021|Security Update, Software Issues|0 Comments

Exchange Server Attacks Against US Local Governments — Zero-Day Vulnerabilities

Zero-Day vulnerabilities are being actively exploited — attacks against local US government agencies. Microsoft Exchange Server — Zero-Day Vulnerabilities Mandiant the information security industry acquired by FireEye observed multiple instances of abuse [...]

By | March 6th, 2021|Microsoft, Security Update, Zero Day Attack|0 Comments

Chrome 89 Security Update — Active Zero-Day Vulnerability

Google warned users to update Chrome browser — zero-day vulnerability in the Chrome browser — actively exploited in the wild. Zero-Day Bug — Chrome A zero-day vulnerability is referred as the number [...]

By | March 3rd, 2021|Security Update, Zero Day Attack|0 Comments

iPhone Models Under Risk — New iOS Jailbreak Threat

A jailbreaking threat has put all iPhone models at risk through a vulnerability that Apple has already fixed. iOS Jailbreaking Threat actors have updated a jailbreaking tool which allows to [...]

By | March 2nd, 2021|Software Issues, Targeted Attacks|0 Comments

Oxford University Lab Systems Hacked — Studying COVID-19

Research at Oxford University lab studying COVID-19 — attacked by threat actors. COVID-19 Research Researcher from Oxford University evidenced — a laboratory researching COVID-19 was hacked. Coronavirus disease, an infectious [...]

By | February 27th, 2021|Targeted Attacks|0 Comments

Critical Bug In All VMware ESXi and vSphere Client

Security updates are available to remediate multiple vulnerabilities affecting VMware products. vCenter Security Vulnerabilities: Multiple vulnerabilities in VMware ESXi and vSphere Client with the following CVEs were fixed by VMware: The [...]

By | February 24th, 2021|Security Update|0 Comments

Security Update — Cisco AnyConnect DLL Hijacking

Cisco released security updates for an arbitrary code execution vulnerability in the Cisco AnyConnect Secure Mobility Client for Windows. CVE-2021-1366 — Cisco AnyConnect Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, [...]

By | February 22nd, 2021|Security Update|0 Comments

Kia Motors Hit By Ransomware Attack — Denied As No Evidence Of Attack

Kia Motors America denied the ransomware attack after a day-long network outage. Ransomware Attack — KMA Kia Motors America (KMA) is headquartered in Irvine, CA with nearly 800 dealers in [...]

By | February 21st, 2021|Ransomware, Targeted Attacks|0 Comments

Zero-Day Vulnerability IBM InfoSphere Information Server

Researchers discovered a zero-day vulnerability on IBM InfoSphere Information Server 8.5.0.0 Description: IBM InfoSphere Information Server is a leading data integration platform with offerings that help you understand, cleanse, monitor, and [...]

By | February 20th, 2021|Security Update, Software Issues|0 Comments

Botnet Targeting Windows, Linux Servers For Two Years

The WatchDog botnet has performed cryptojacking for almost 2 years to take over Windows and Linux servers. Daemon — WatchDog: A botnet is a number of Internet-connected devices, each of which is running one or [...]

By | February 18th, 2021|Ransomware, Targeted Attacks|0 Comments

Telegram Sticker Could Expose Your Data To Threat Actors

A Sticker sent to Telegram account could expose data including Secret chats, Photos, etc Animated Sticker Bug — Telegram Telegram — a messaging app with a focus on speed and [...]

By | February 16th, 2021|Mobile Security, Targeted Attacks|0 Comments

Security Advisory — SAP Commerce Critical Vulnerability

Patch released for a new critical vulnerability affecting SAP commerce platforms. SAP Commerce — CVE-2021-21477 SAP Commerce is prone to an arbitrary code execution vulnerability. A Cloud solutions enable you to [...]

By | February 13th, 2021|Security Update|0 Comments

Hackers Modified Drinking Water Levels To Dangerous Parameters In Florida

Threat actors modified the concentration of LYE to dangerous parameters. LYE Level Modified: Anonymous actors accessed computer systems of the Water Treatment facility in the city of Oldsmar, Florida and [...]

By | February 9th, 2021|Targeted Attacks|2 Comments

Multiple Sri Lankan DNS Records Were Poisoned — Including Google.lk

A hacker group poisoned multiple Sri Lankan domains on Saturday. Defaced .LK Domains: A mysterious group of hacktivists has poisoned the DNS records of several Sri Lankan (.lk) websites on [...]

By | February 8th, 2021|Zero Day Attack|0 Comments

Hezbollah Hackers Targeted Web Servers Using Unpatched Servers

Hacker group Lebanese Cedar attacks unpatched Atlassian servers at telecoms, hosting and ISP providers. Lebanese Cedar A volatile hacker group “Lebanese Cedar” linked to Lebanese Hezbollah Cyber Unit, has more advanced [...]

By | January 29th, 2021|Targeted Attacks|1 Comment

Linux — SUDO Flaw Let Local User Gain Root Privileges

Sudo vulnerability, local user can exploit this flaw for root privilege escalation. Linux — CVE-2021-3156 Sudo (su "do") allows a system administrator to give users the ability to run commands [...]

By | January 27th, 2021|Security Update, Software Issues|1 Comment

Critical Security Vulnerabilities In Cisco SD-WAN — Update Now

Cisco warns customers about critical security vulnerabilities affecting SD-WAN, DNA, and the Smart Software Manager Satellite. Security Vulnerabilities: Earlier this week, Cisco released a security advisory on multiple vulnerabilities including [...]

By | January 24th, 2021|Security Update, Software Issues|1 Comment

Phishing Campaign: Thousands Of Stolen Passwords Exposed Online

A phishing scam through Google search left thousands of stolen passwords exposed. Phishing Campaign A phishing campaign exposed thousands of corporate employees' credentials. In August, attackers initiated a phishing campaign [...]

By | January 22nd, 2021|Targeted Attacks, Tips|0 Comments

Malwarebytes Hit By SolarWinds — Accessed Internal Emails

After Microsoft, FireEye and CrowdStrike, Malwarebytes has been hit by the SolarWinds hackers. Malwarebytes — UNC2452: An anti-virus provider for Microsoft Windows, macOS, Android, and iOS, which finds and removes malware. Yesterday, Marcin [...]

By | January 20th, 2021|Zero Day Attack|0 Comments

Hacker Gained Admin Access — Leads To Data Breach — OpenWRT

User data was stolen from the OpenWRT Forum, leading to a database breach. OpenWRT: The OpenWrt Project is a Linux operating system targeting embedded devices. In addition, it is an open-source project [...]

By | January 19th, 2021|Targeted Attacks, Tips|1 Comment

164 Android Apps Caught Bombarding Users With Out-Of-Context Ads

More than 10 million users installed Android apps that showed out-of-context ads. Android Applications — Out-Of-Context Ads: Google security researchers found 164 Android applications bombarding users with out-of-context ads last year. [...]

By | January 18th, 2021|Mobile Security|0 Comments

Windows 10 Serious Flaw Could Corrupt Hard Drive — If You Open A Folder

Microsoft is to fix a Windows 10 bug that can corrupt a hard drive just by opening a folder or just by looking at an icon. NTFS Hard Drive Corrupt: A bizarre [...]

By | January 16th, 2021|Security Update, Targeted Attacks|0 Comments

Signal Fixes Verification Delays Caused By WhatsApp Mass Exodus

Encrypted messaging service Signal has recovered from a verification process delay affecting its new users. Encrypted Messaging Service: A cross-platform encrypted messaging service developed by the Signal Foundation and Signal Messenger. [...]

By | January 11th, 2021|Mobile Security, Security Update|0 Comments

Exact Location Of Users Is Exposed — Telegram App Feature

The Nearby Share feature can be exploited by adversaries to spoof GPS and get access to users' exact location. Telegram App: A messaging app with a focus on speed and security, [...]

By | January 9th, 2021|Software Issues, Targeted Attacks|0 Comments

The U.S. Department of Justice Email Server Breached — SolarWinds

SolarWinds hackers accessed the U.S. Justice Department’s Office 365 mailboxes. SolarWinds Attack: Over 100 to 280 organizations installed a trojanized version of the SolarWinds Orion platform that infects internal systems [...]

By | January 7th, 2021|Microsoft, Targeted Attacks|1 Comment

Critical Android Security Update — Addressed 43 Bugs

Google's Android Security Update addressed 43 bugs affecting Android handsets, including Samsung phones. Android Security Update: The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. However, Security [...]

By | January 6th, 2021|Mobile Security, Security Update|0 Comments