BlueNoroff Connected to Newly Identified macOS Malware: ObjCShellz BlueNoroff, a North Korea-linked nation-state group, has been linked to a new macOS malware strain named ObjCShellz. The details about the malware were disclosed by cybersecurity group Jamf Threat Labs. The malware has been detected in RustBucket malware campaign unveiled earlier this year. North Korea’s BlueNoroff Fingered
Read More
New Malware on The Block: GootBot GootLoader hackers have introduced a new variant of malware known as GootBot. GootBot specializes in facilitating lateral movement on compromised systems, evading detection. The introduction of this custom bot in the late stages of their attack chain is intended to avoid detections that conventional tools like CobaltStrike or RDP
Read More
ChatGPT – A Double-Edge Sword of Creativity and Security Risk ChatGPT, an AI chatbot, is a high-rising consumer application due to its ability to produce human-like and contextually relevant responses. While it is primarily used as a creativity tool, hackers could potentially exploit it for malicious purposes. Despite the security risk, cyber defenders can also
Read More
SideCopy Exploits WinRAR Vulnerability to Target Indian Government Main Points The Pakistan-linked threat actor SideCopy has been exploiting the WinRAR security vulnerability. This attack targets Indian government entities to deliver remote access trojans (RATs) like AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE described the campaign as multi-platform, designed to infiltrate both Windows
Read More
Ransomware Groups Exploiting Flaws in Atlassian Confluence and Apache ActiveMQ Several ransomware groups are taking advantage of recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Security firm Rapid7 detected exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple user environments, with some deployments of Cerber ransomware. Both of these vulnerabilities are critical, empowering threat actors with
Read More
Veeam Updates its ONE IT Monitoring Platform to Fix Four Flaws Released Security Updates Veeam, your favorite virtual vacuum that sucks up IT issues, has recently released security updates. It’s mopping up four flaws identified in its ONE IT monitoring and analytics platform. Just goes to show, there’s nothing like a good clean sweep in
Read More
Quick Update: QNAP Patches Two Critical Security Bugs To embark on a cyber journey, here are the main cyber waypoints: – QNAP issued security updates to fix two critical security glitches in its operating system. – CVE-2023-23368 (with a concerning CVSS score of 9.8) is a command injection bug impacting QTS, QuTS hero, and QuTScloud.
Read More
Updated Jupyter Malware Comes with a Stealthy Makeover Main Points An updated version of the Jupyter malware has been identified with crucial changes for increased stealth. The malware uses modified PowerShell commands and signatures of private keys to mask itself as a legitimate tool. This new wave of Jupyter Infostealer attacks is more persistent, potentially
Read More
Operational 404 – A Case of Serious Cyber Mischief Serious and repeated cyber attacks have been launched targeting Israeli’s higher education and tech sectors since January 2023 The motive behind these attacks is to deploy an unseen wiper malware The cyber miscreants, named “Agonizing Serpens/Agrius”, reported to be an Iranian state-sponsored hacking group, are said
Read More
U.S. Treasury Places Sanctions on Cybercurrency Laundress • The U.S. Department of Treasury has implemented sanctions against Ekaterina Zhdanova, a Russian woman involved in virtual currency laundering for Russian elites and cybercriminal groups. • Zhdanova has been instrumental in facilitating large cross border transactions to aid Russian personas access to Western finances. • She also
Read MoreNo products in the cart.