Highlights The recent CACTUS ransomware campaign exploits vulnerabilities in Qlik Sense. The first recorded instance of threat actors using these weaknesses for initial access in deploying CACTUS ransomware. Prickly Situation with the CACTUS Ransomware Campaign Here’s a prickly piece of news for Qlik Sense users. The recent CACTUS ransomware campaign has found an all-you-can-eat buffet
Read More
Main Points – Generative AI, a technology that creates new data, is potentially revolutionizing the field of Cybersecurity. – This type of AI can improve security operations by simulating cyber threats for better defense mechanisms. – Generative AI can also aid in security education, by creating realistic examples of potential cyber threats. – Despite its
Read More
U.S. Slaps Sanctions on ‘Sinbad’: A Virtual Currency Used by bads The U.S. Treasury Department imposes sanctions against virtual currency mixer, Sinbad Sinbad is linked to the North Korea-based Lazarus Group It has processed millions of dollars from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists Uncle Sam’s Chain on the Blockchain:
Read More
Headlines: – U.S. cybersecurity group responds to Iranian-backed cyber attack on municipal water supplier. – Municipal Water Authority of Aliquippa in Pennsylvania targeted using Unitronics programmable logic controllers (PLCs). – Cyber Av3ngers, an Iranian-supported hacking group, claimed responsible for the attack. Article: Troubled Waters: Cyber Attack Hits Pipeline According to the U.S. Cybersecurity and Infrastructure
Read More
**Main Points**: 1. Necessity to reevaluate web security in an evolving digital landscape. 2. Traditional antivirus approach’s failings and need for proactive web security. 3. Introduction to a new report discussing reasons for proactive web security. 4. A link to download the full report. Revisiting Web Security, Conventional Crash Helmets Not Enough? With the digital
Read More
A Malware Algorithm with a Twist: Iranian Bank-Hunting with a Pinch of Stealth • Android malware campaign focusing on Iranian banks enhances its capabilities and utilize extra evasion tactics. • More than 200 associated malicious apps discovered by Zimperium. • The threat actor also implements phishing attacks against targeted financial institutions. An Adaptive Nemesis: Expanding
Read More
Okta Unveils More Details on 2023 Support System Breach Main Points: Okta, the identity services provider, announces new findings regarding the breach of their support case management system from October 2023. The threat actor involved managed to download the names and email addresses of all Okta customer support system users. All Okta Workforce Identity Cloud
Read More
A Sneaky Ransomware Dance: DJVU Variant in Cracked Software Main points: – A variant of the known ransomware strain, DJVU, has been found distributed through cracked software. – This uncommon DJVU variant appends a “.xaro” extension to infected files and demands ransom for decryption. – The attacks were observed alongside various commodity loaders and infostealers.
Read More
Breakdown of Security Flaw in Apache ActiveMQ Exploited by Threat Actors This text discusses a recently exposed security flaw in Apache ActiveMQ that threat actors are actively exploiting. The malicious use focuses on the distribution of a new Go-based botnet known as GoTitan and a .NET program, PrCtrl Rat. The attacks exploit a remote code
Read More
Up-to-the-Minute Chrome Security Patch Main Points: Google has patched seven security flaws in its Chrome browser. Among them, is a zero-day bug under active exploitation, identified as CVE-2023-6345. This high-severity vulnerability features an integer overflow issue in Skia, an open source 2D graphics library. The discovery and reporting of this vulnerability was done by Benoît
Read MoreNo products in the cart.