# Data of VirusTotal Customers Leaks Online ## Introduction In an unfortunate turn of events, it has been discovered that data associated with some customers of VirusTotal, a well-known security service, has leaked on the internet. The leaked data includes the names and email addresses of a subset of registered customers of VirusTotal. ## The
Read More
FIN8 Introduces Revamped Backdoor to Deliver BlackCat Ransomware The Main Points: – FIN8, a financially motivated threat actor, has been observed using a “revamped” version of a backdoor called Sardonic. – The purpose of this new development is to deliver the BlackCat ransomware. – FIN8 is diversifying its focus and aiming to maximize profits from
Read More
Threat Actors Exploit Critical Security Flaw in WooCommerce Payments Plugin Overview Threat actors have discovered and are actively exploiting a critical security flaw found in the WooCommerce Payments WordPress plugin. This flaw, designated as CVE-2023-28121, has a high severity score of 9.8. It allows attackers to bypass authentication and impersonate users, granting them unauthorized access
Read More
h1: JumpCloud Reports Security Incident and Points to Nation-State Actor h2: Intrusion by Sophisticated Nation-State Actor In a recent security incident, JumpCloud, a provider of cloud-based directory services, reported that their systems were accessed by a sophisticated nation-state actor. This intrusion led to the company resetting API keys for affected customers. h3: Specific Targeting of
Read More
Threat Actors Trick Android Users with Malicious Web Apps Overview: Threat actors are using Android’s WebAPK technology to deceive users into installing malicious web apps on their phones, aimed at stealing sensitive personal information. This attack starts with victims receiving SMS messages that suggest updating a mobile banking application. Attack Details: Researchers from CSIRT KNF
Read More
consider: 1. What is the scope of the attack surface management solution? Does it cover all types of assets, such as cloud services, websites, APIs, and IoT devices? 2. How does the ASM vendor prioritize vulnerabilities? Do they provide a risk score or ranking system to help you prioritize remediation efforts? 3. What automation capabilities
Read More
Cyber Attacks on the Rise: Infected USB Drives as Access Vectors Introduction In the first half of 2023, cyber attacks using infected USB drives have seen a significant increase, tripling in volume. Mandiant, a cybersecurity company, released a report detailing two major campaigns, named SOGU and SNOWYDRIVE. These campaigns targeted public and private sector organizations
Read More
Microsoft Word Documents Used as Phishing Lures for LokiBot Malware Introduction Microsoft Word documents have been discovered as the latest tool for cybercriminals to drop LokiBot malware onto compromised systems. LokiBot, a well-known information-stealing Trojan, primarily targets Windows systems to gather sensitive information. Main Points: Microsoft Word documents exploiting known remote code execution flaws are
Read More
Gamaredon: Data Exfiltration in Record Time Introduction The Russia-linked threat actor, Gamaredon, has been making waves in the cybersecurity world with its swift data exfiltration activities. Researchers have discovered that this group is capable of extracting sensitive data within just one hour of infiltrating a system. Main Points: – Gamaredon, a Russian-based threat actor, is
Read More
BlackBerry President John Giamatteo Advocates for Government Intervention in AI Risks Introduction In an interview with TechRepublic, BlackBerry President John Giamatteo spoke about the risks associated with artificial intelligence (AI) and the need for government intervention. Giamatteo’s Opinion on AI Risks Giamatteo believes that AI risks are real and need to be taken seriously. He
Read MoreNo products in the cart.