A Sneaky SideTwist from APT34 APT34, the notorious Iranian threat actor, has been associated with a new phishing attack that aids in deploying a backdoor variant known as SideTwist. The attack technology applied by APT34 is considered highly advanced, indicates NSFOCUS Security Labs. The bad actor is capable of designing unique intrusion tactics for diverse
Read More
CISOs: The New Masters of the Tech Universe As the digital landscape complexifies, the role of the Chief Information Security Officer (CISO) is becoming increasingly central to businesses’ success. CISOs are tasked with managing digital threats, fostering innovation, and maintaining business continuity. Insights from three notable CISOs reveal their experiences and strategies in the field.
Read More
Breakdown of Schweitzer Engineering Labs’ Security Flaws Main Points Nine security flaws were identified in electrical power management products made by Schweitzer Engineering Laboratories (SEL). The most critical of these could potentially allow Remote Code Execution (RCE) on an engineering workstation. The issues are tracked as CVE-2023-34392 and CVE-2023-31168 as per Nozomi Networks’ report. Detailed
Read More
Unveiling the Secret Phishing Empire Attacking Microsoft 365 Business Emails An unknown “phishing empire” has been attacking Microsoft 365 business email accounts for the past six years. The cybercriminal created a secretive marketplace called W3LL Store for a closed community of at least 500 threat actors. These threat actors could buy a customized phishing kit
Read More
Defusing a Digital Bomb: Ukraine’s Cybersecurity Clutch Main Points: The Computer Emergency Response Team of Ukraine (CERT-UA) successfully thwarted a cyber attack targeted towards an unnamed energy infrastructure facility. The attack had been initiated via a phishing email which contained a link to a malicious ZIP archive, responsible for beginning the infection chain. The seemingly
Read More
Reloaded: BLISTER Malware Loader Facilitates Precise Targeting The updated version of a malware loader known as BLISTER is now being used in the SocGholish infection chains to disseminate an open-source command-and-control (C2) framework called Mythic. The latest BLISTER update features a crucial keying functionality that enables precise target focusing on specific victim networks, thereby reducing
Read More
North Korean Actor ‘Andariel’ Turns to Go Lang Malware for Corporate Assaults Main Points North Korean threat actor, Andariel, has changed its cyber-battle strategy by utilizing an arsenal of malicious software written in the Go language. The attacks are targeting corporate and organizational networks in South Korea. According to the AhnLab Security Emergency Response Center
Read More
Breaking Down IBM’s “Cost of a Breach” Report Here’s a list of the main points from IBM’s 2023 “Cost of a Breach” report: – The average cost of a data breach is on the rise. – Organizations are responding differently to cybersecurity threats. – Certain technologies are helping reduce costs in case of breaches. A
Read More
Main points: The importance of online security in every organization, irrespective of its size or industry. Adoption of Multi-Factor Authentication (MFA) as a critical tool for maintaining digital security. Online security: a non-negotiable golden buzzer in the digital enterprise These days, it’s not just the physical world where business thrives. The digital realm is all
Read More
Crafty ‘Chaes’ Ups the Ante: The Malware Banking and Logistics Industries Should Watch Out For Main points: – The industry of banking and logistics is under attack by a reworked variant of the Chaes malware. – The malware has been rewritten in Python leading to decreased detectability. – Maintenance of its communication protocol has significantly
Read MoreNo products in the cart.