North Korea-linked Lazarus Group Targets Infrastructure with QuiteRAT Main points: – Lazarus Group, associated with North Korea, is exploiting a patched vulnerability in Zoho ManageEngine ServiceDesk Plus. – The group is distributing a remote access trojan called QuiteRAT. – Targets include internet backbone infrastructure and healthcare organizations in Europe and the U.S. Zoho ManageEngine ServiceDesk
Read More
• A new operation uses harmful Telegram bot, Telekopye, in financial scams. • Telekopye is a toolkit for creating phishing web pages and sending URLs to potential victims. • The victims, tagged as Mammoths, may unknowingly help in the scamming operation. ‘Tele’-bly Troubling Technological Tactics Meet the newest bad bot on the block, “Telekopye”. It’s
Read More
Look Before You Leap: The Risks of Public Wi-Fi Public Wi-Fi is often a welcome oasis in the desert of cyberspace, but tread lightly, because it’s not as safe as you might think. Here, we’ll delve into the risks that this seemingly benign convenience poses to users and businesses. Main Points: The ubiquity of public
Read More
A ‘Fire’y Flaw: Thousands of Openfire XMPP Servers At Risk Unpatched Openfire XMPP servers are vulnerable to a high-severity flaw, as revealed in a VulnCheck report. The flaw has been registered as CVE-2023-32315 with a CVSS score of 7.5. The vulnerability alludes to a path traversal vulnerability in Openfire’s administrative console, potentially allowing an unauthenticated
Read More
U.S. Justice Department Cracks Tornado: A Storm of Money Laundering Charges Here are the main points we will be touching on: – The U.S. Justice Department unseals indictment against Tornado Cash Founders – Founders charged for laundering over $1 billion – Individuals Roman Storm and Roman Semenov facing charges of money laundering, and sanctions violations
Read More
The “Hide Yo’ Crypto, Hide Yo’ Coins” Bugle Main Points: The U.S. FBI has produced a warning that threat actors possibly connected to North Korea could be planning a $40 million cryptocurrency cash out. The suspect of the operation is identified as TraderTraitor, alternatively referred to as Jade Sleet. The FBI has carried out an
Read More
– A malevolent collection of tools, known as Spacecolon, is being utilized in an active campaign to disperse versions of the Scarab ransomware across victimized organizations worldwide. – The tool likely infiltrates victim organizations by its operators exploiting weak web servers or forcefully gaining RDP (Remote Desktop Protocol) credentials. – These details were shared in
Read More
## List of Main Points: – Over a dozen malicious packages have been found on the npm package repository since the beginning of August 2023. – These packages have the ability to deploy a weapon named Luna Token Grabber, an open-source information stealer. – The target? Systems belonging to Roblox developers. – The campaign was
Read More
SaaS Security: The Fun, Frustration, and Fine Print Main Points: The State of SaaS Security Posture Management Report by AppOmni reveals that leaders in Cybersecurity, IT, and business recognize the increasing importance of SaaS cybersecurity. The respondents of the report seem generally optimistic about their current SaaS cybersecurity. The study involved over 600 IT, cybersecurity,
Read More
Unmasking New Cyber Threat: Carderbee Strikes Asia Key Takeaways: A newly discovered cyber threat cluster, named “Carderbee” by Symantec Threat Hunter Team, is causing havoc in Asia, chiefly Hong Kong. This digital hornet’s nest is spreading via trojanized software streams, particularly targeting legitimate software. The Cyber Sting of Carderbee Make room, fellow technophiles! There’s a
Read MoreNo products in the cart.