Active malware campaign targeting Latin America, particularly Brazil and Mexico. The campaign is distributing a new variant of a banking trojan called “BBTok”. BBTok is imitating the interfaces of over 40 Mexican and Brazilian banks, tricking victims into entering two-factor authentication (2FA) codes or payment card numbers. Cyber Sneak Attack in Latin America Are you
Read More
Evaluating Cybersecurity Capabilities: The Importance of Independent Tests Stress Testing Security Measures The machine that operates behind cybersecurity is as mystifying as the one behind your touch-screen toaster. Today we discuss something of utmost importance: independent tests in analyzing the safety service provider’s ability to fend off advanced threats. Like a reliable food critic testing
Read More
A Mélange of Cyber-attacks: OilRig Orchestrates Outer Space and Juicy Mix Campaigns Main Points: Israeli organizations targeted in two separate cyber-attack campaigns – Outer Space and Juicy Mix, in 2021 and 2022. The Iranian cyber-espionage group, OilRig, anchored these campaigns. The campaigns employed two initially documented backdoors, Solar and Mango. Solar and Mango intended to
Read More
Australian Software Company Atlassian and ISC Announce Several High-Severity Security Flaws Atlassian and ISC have Disclosed Several Security Flaws in their Products Australia’s own software services provider, Atlassian, along with the Internet Systems Consortium (ISC), have let the kangaroo out of the bag, revealing several security weaknesses in their products. These flaws, if exploited cunningly
Read More
Apple Takes Security Measures Up a Notch with New Patches For Its Operating Systems In the world of tech; when it rains, it pores. And by ‘pores’, we mean security patches. Apple has sprung into action and released a fresh round of security patches to tackle three actively exploited zero-day vulnerabilities that affect its iOS,
Read More
Main Points: – A previously unknown threat actor, Sandman, has been identified as the perpetrator of cyber attacks on telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. – The intrusions make use of a just-in-time compiler for the Lua programming language, known as LuaJIT, to introduce a unique implant called
Read More
The Peer-to-Peer Party is Getting Wild: P2PInfect Malware Spikes 600x in a Week The P2PInfect had a remarkable activity surge since late August 2023. The malware saw a whopping 600x jump between September 12th and 19th, 2023. The surge in activity coincided with a notable increase in P2PInfect variants seen in the wild. Developers of
Read More
Main Points: – Security teams face threats from third-party applications commonly installed by employees. – These apps are designed to link to a hub app like Salesforce, Google Workspace, or Microsoft 365. – The main security concerns arise from the permissions these third-party apps are granted, which potentially increases risk. Threats Looming from Third-Party Apps
Read More
**Main Points:** – China’s Ministry of State Security (MSS) accused the U.S. of hacking into Huawei’s servers and stealing critical data since 2009. – The accusations were posted in a message on WeChat. – This alleged activity occurred amid growing geopolitical tensions between China and the U.S. – The MSS claims that U.S. intelligence agencies
Read More
Dubbing the E-Crime Group: Unveiling the Elusive Gold Melody • A financially driven threat actor has been exposed as an initial access broker (IAB)—a kind of bouncer at the cybercrime club, deciding who gets passed the virtual velvet rope. • This group has been given the name “Gold Melody” by the SecureWorks Counter Threat Unit
Read MoreNo products in the cart.