Anatomy of a New Phishing Attack via Facebook Messenger Main points: – A new form of phishing attack is spreading via Facebook Messenger. – The attack originates from a Vietnamese group and uses fake/hijacked personal accounts to send messages. – These messages come with a small yet potent file attachment. – The Python-based stealer contained
Read More
Charming Kiten Targets Israel, Brazil, and U.A.E with New Backdoor Named “Sponsor” In internet espionage, it’s not all about cool names and quirky codenames but Charming Kiten really takes the cake! This Iranian threat actor has been linked to a new wave of cyber-attacks recently targeting entities in Brazil, Israel, and the U.A.E. This time,
Read More
– APIs have grown in popularity due to our increased reliance on web applications and digital platforms. – APIs facilitate communication between different applications, playing a crucial part in modern software development. – The surge in API use has coincided with a rise in API breaches. The Age of APIs: Connecting Our Digital World Remember
Read More
Google Unleashes Privacy Sandbox in Chrome: A Private Measure Four Months in the Making Main Points: * Google’s Privacy Sandbox has officially started its rollout to most of its Chrome web browser users. * The initiative was first announced nearly four months ago by Google. * Google emphasizes the criticality of simultaneously bolstering privacy and
Read More
Overview of the New Cyber Attack: Steal-It A new cyber attack campaign is utilizing the PowerShell script linked to a credible red teaming tool to exploit NTLMv2 hashes from compromised Windows systems. These activities, mainly seen in Australia, Poland, and Belgium, have been dubbed Steal-It by Zscaler ThreatLabz. The hackers in this campaign steal and
Read More
A Jovial Look at the New Kid on the Block: HijackLoader The Debutante of Digital Delinquency: HijackLoader Meet HijackLoader, a fresh menace in the cybercrime world. It’s showing its worth among seedy cybercellars by delivering payloads like DanaBot, SystemBC, and RedLine Stealer. Though it might be the new kid on the block, don’t underestimate it
Read More
Spyware Disguised as Telegram Spotted in Google Play Store Article Highlights: Data-harvesting spyware camouflages itself as modified versions of Telegram on the Google Play Store. The malicious app features were discovered by Kaspersky security researcher Igor Golovin. The apps capture and exfiltrate sensitive user information, including names, user IDs, contacts, phone numbers, and chat messages,
Read More
Advanced Installer Misused to Drop Crypto-Mining Malware Main Points An official Windows tool, Advanced Installer, is being used for insidious purposes since November 2021. Threat actors are exploiting this tool to discreetly package crypto-mining malware with legitimate software installers. Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro were among the infected software. From Bona Fide
Read More
Main Points: UK and US Governments impose sanctions on 11 members of Russia-based TrickBot cybercrime gang. The gang is suspected to have ties to Russian intelligence services. TrickBot has targeted the US government and companies, leading to declarations of cyber-emergencies. Government Response to Cybercrime: The Sanctions are Coming In an attempt to sink the “trick
Read More
Cisco Sweeps Up Security Errors: Patches Critical Bugs Highlights Cisco has produced security patches for several vulnerabilities, consisting a crucial bug that could be hijacked by a threat actor. The gravest issue is CVE-2023-20238, an authentication bypass bug in Cisco BroadWorks with a top-tier CVSS severity rating of 10.0. An attacker could exploit this to
Read MoreNo products in the cart.