QakBot Operators Spice up Malware Scene with New Command-and-Control Servers Main Points: QakBot (QBot) malware operators have created 15 new command-and-control (C2) servers since June 2023. This insight resulted from Team Cymru’s continual analysis of the malware’s infrastructure. This follows the findings of Lumen Black Lotus Labs, which revealed that 25% of C2 servers operate
Read More
Cloud-Based Communication: Hacker’s New Preferred Tool Threat actors are exploiting Cloudflare Tunnels to establish covert communication and maintain persistent access. Cloudflared, functionally similar to ngrok, is preferred due to its higher usability for free. Nic Finn, a senior threat intelligence analyst at GuidePoint Security, highlighted this issue. Threat Actors Going Underground with Cloudflare Tunnels New
Read More
**Main Points** – Introduction of Microsoft Active Directory in 1999 as a default identity and access management service in Windows networks. – Microsoft Active Directory is responsible for assigning and enforcing security policies across networks and enabling access to resources. – The emergence of new-age technology, prompting Microsoft to introduce Azure Active Directory a few
Read More
Unknown Threat Actor Wields New Yashma Ransomware Variant Main Points: An unknown threat actor is using a new variant of the Yashma ransomware. The operation has been active at least since June 4, 2023. The targets are varied, spanning English-speaking countries, Bulgaria, China, and Vietnam. Cisco Talos links the operation with moderate confidence to a
Read More
Living Off the Land: Threat Actors Get More Creative! Main points: – Security researchers find 11 new binaries-and-scripts that pose a threat to system security – These crafty scripts and binaries, called LOLBAS, may be repurposed for malicious activity – By using already existing system parts, LOLBAS slips past security – Pentera’s researcher, Nir Chako,
Read More
Unusual Malware Campaign Bites Cyber Crooks – A new malware campaign uses harmful OpenBullet configuration files. – Inexperienced cybercriminals are primarily targeted, with an underlying intent of deploying a remote access trojan (RAT) capable of stealing confidential information. – Kasada, a bot mitigation company, reported this activity which exploits ‘trusted’ criminal networks. Payload Promising Yet
Read More
North Korean Intruders Say ‘Hello’ To Russian Missile Engineering Firm Major Points: Both North Korean nation-state cyber actor groups are spotted attacking the Russian missile engineering company, NPO Mashinostroyeniya. SentinelOne, a cybersecurity firm, has found “two instances of North Korea related compromise of sensitive internal IT infrastructure.” The cyber attacks included an email server compromise
Read More
Main Points The significance of evolving and updated security solutions in today’s interconnected society. The vital role of collaboration between various intelligence gathering and information sharing solutions. The concept of multiple-source intelligence gathering and its relevance in identifying and preventing digital threats. Heading 1: The Ever-Increasing Need for Tightened Security In this era we might
Read More
A Virtual Sting: FBI Warnings About Cyber Critters in NFT Space Here’s a quick rundown of what you need to soak in: – FBI is alerting about online weirdos pretending to be legitimate NFT developers to snatch digital assets. – Fraudsters are either hijacking real NFT developer’s social media accounts or fashioning doppelgänger accounts to
Read More
Managed Detection and Response (MDR): The Guardian Angel for Your Organization’s Security – Managed Detection and Response (MDR) plays a key role in improving an organization’s security. – MDR gives businesses the convenience of outsourcing the management of Endpoint Detection and Response (EDR) products. – MDR services have the ability to detect and neutralize threats
Read MoreNo products in the cart.