Android Banking Trojan ‘Xenomorph’ Targets Major US Financial Institutions There’s an updated version of an Android banking trojan, named ‘Xenomorph’, that’s targeting over 35 financial institutions in the U.S. The Dutch security firm ThreatFabric reported this campaign. The trojan uses phishing web pages, trying to bait victims into installing malicious Android apps. The targeted app
Read More
Breaking Down the Network Effect Threat Report Report Utilization for Improving Cybersecurity – Enhance situational awareness of techniques employed by malicious tech bandits – Recognize potential cyber booby traps targeting your digital playground – Collect guidance to accelerate your cybersecurity sprint and cross the threat response finish line Enhancing Situational Awareness of Techniques Used by
Read More
Chinese State-Sponsored Cyber Espionage Targets South Korean Organizations Main Points: A multi-year, Chinese state-sponsored cyber espionage campaign targets South Korean academic, political, and government outfits. Recorded Future’s Insikt Group tracks the activities and dubs it as TAG-74. TAG-74 is linked to Chinese military intelligence. Major targets include sectors like academia, aerospace and defense, and the
Read More
A Critical Flaw in JetBrains TeamCity Software Patched – A serious security loophole in the JetBrains TeamCity continuous integration and delivery software could be exploited by unauthorized hackers to carry out remote code execution on impacted systems. – This weakness goes by the technical name CVE-2023-42793, packs quite a punch with a CVSS score of
Read More
Drone Manual Themed Phishing Campaign Targets Ukrainian Military Main Points: Ukrainian military entities are targets of a phishing campaign that uses drone manuals to deliver Merlin, a Go-based open-source post-exploitation toolkit. Drones or Unmanned Aerial Vehicles (UAVs) play a critical role in the Ukrainian military, which is why malware-infected files are disguised as UAV service
Read More
Main Points: Weak password policies expose organizations to attacks. Typical password complexity requirements may not adequately secure organizations. 83% of compromised passwords can meet standard password complexity and length requirements. Attackers have access to billions of stolen credentials that can then endanger additional accounts. Weak Password Policies and Their Risk There’s no use sugar-coating it
Read More
Generative AI: The Savior or The Villain of Our Tech Tale Is it a bird? Is it a plane? No, it’s Generative AI, stepping into the tech arena like a caped Crusader. Gracing us with bountiful opportunities for innovation, Ai tools like ChatGPT are making productivity look like it’s taking performance-enhancing software. Serving the business
Read More
EvilBamboo Remains Stubborn and Focused: Targeting Tactics Shift Towards Asian Minorities Tibetan, Uyghur, and Taiwanese groups targeted by threat actor known as EvilBamboo. Efforts to gather sensitive information by generating fake websites and social media profiles. Volexity security researchers highlighted browser-based exploit deployment. Evasive, Elusive, and Ethically Disputable: EvilBamboo Targets Vulnerable People Groups Just when
Read More
Chinese Cyber Espionage Swarms Southeast Asia Main Points: – An unnamed Southeast Asian government has fallen victim to numerous cyber-espionage campaigns linked to Chinese threat actors. – These attacks targeted the region over extended periods, sometimes concurrently targeting the same victims’ machines. – Each attack employed unique tools, modus operandi, and infrastructure, as reported by
Read More
Apple Fixes Three Zero-Day Flaws Used in Predator Spyware Attack Three zero-day vulnerabilities in Apple devices were exploited to target former Egyptian politician, Ahmed Eltantawy with Predator spyware. The attack happened between May and September 2023, after Eltantawy announced his intentions to run for Egypt’s 2024 Presidential race. Apple deployed security patches to address these
Read MoreNo products in the cart.