14 Cybercriminal Suspects Nabbed in Pan-African Operation INTERPOL and AFRIPOL’s Coordinated Cyber Haul In a “virtual” lockdown of a different kind, a coordinated law enforcement operation engaging 25 African countries has zapped 14 suspected cybercriminals into digital handcuffs. Announced on a Friday that’s good for everyone but the hackers, this operation was spearheaded by none
Read More
Microsoft Detects A New Spin On BlackCat Ransomware Overview: – Microsoft has discovered a new version of the BlackCat ransomware, also known as ALPHV and Noberus – This version has embedded tools like Impacket and RemCom, which are used for lateral movement and remote code execution – The Impacket tool can be used for the
Read More
Google Chrome’s Upcoming Feature: Keeping Users in the Loop of Removed Extensions • Google has plans to integrate a new feature in its Chrome web browser designed to alert the user when an installed extension has been removed from the Chrome Web Store. • The feature is ready to be released with Chrome 117. •
Read More
Under The Radar: The NoFilter Attack Exploits Windows Filtering Platform (WFP) Main Points: A new attack method dubbed ‘NoFilter’ has been exposed, which can abuse the Windows Filtering Platform (WFP) for privilege escalation in Windows OS. Ron Ben Yizhak, a security researcher from Deep Instinct, highlighted that administrative privileges are insufficient for a hacker aiming
Read More
Chips Down: Southeast Asian Gambling Sector Targeted by Bronze Starlight Cyber Attack An ongoing cyber attack originating from China is aiming its darts at the Southeast Asian gambling industry. The attackers aim to deploy Cobalt Strike beacons on the compromised systems to gain control. Cybersecurity firm, SentinelOne, suggests the TTPs (tactics, techniques, and procedures) hint
Read More
Main Points: – Cybersecurity researchers discovered a new post-exploit persistence method on iOS 16 – The technique can bypass apparent offline status and maintain access despite the device being on Airplane Mode – The attacker gains access after successfully exploiting the device and creates an artificial ‘sleep’ state – The tactic employs a custom SSH
Read More
Cybersecurity and Dynamic Work Environments Work environments have undergone considerable changes, significantly influencing cybersecurity and network monitoring. Developers frequently establish and dismantle systems, creating potential vulnerabilities by exposing services online. Staying updated about user activities, changes, and services can be challenging, as internet-based attack surfaces are often in a state of flux. Revolutions in Work
Read More
Russian Threat Actors Target Ministries of Foreign Affairs of NATO-Aligned Countries Russian Threat Actors on Cyber Siege: A Scandal More Riveting than a Telenovela Looks like someone’s been a little too busy in the shadows. Russian threat actors have been reportedly orchestrating a widespread campaign against none other than the ministries of foreign affairs of
Read More
Active Exploitation of a Critical Citrix ShareFile Storage Zones Controller Security Flaw Key Points The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a critical Citrix ShareFile flaw in its Known Exploited Vulnerabilities (KEV) catalog. The flaw, known as CVE-2023-24489, has a high CVSS score of 9.8—just a hair’s breadth away from a perfect
Read More
IT Teams’ Thorny Romance with Credential Theft Main Points: As we cross midway into 2023, credential theft continues to frustrate IT teams. Data’s value to cybercriminals and their evolving harmful techniques deepen the problem. The 2023 Verizon Data Breach Investigations Report shows 83% of breaches involve external actors – mostly financially driven. A Constant Pain
Read MoreNo products in the cart.