Category: hacking attacks

“Unmasking Steal-It: Understanding the Latest Cyber Attack Targeting Windows Systems”

Overview of the New Cyber Attack: Steal-It. A new cyber attack campaign is using a PowerShell script associated with a legitimate red teaming tool to steal NTLMv2 hashes from compromised Windows systems. These activities, mainly seen in Australia, Poland, and Belgium, have been dubbed Steal-It by Zscaler ThreatLabz. The hackers in this campaign steal and

Unmasking HijackLoader: The New Star in Cybercrime World

A Jovial Look at the New Kid on the Block: HijackLoader The Debutante of Digital Delinquency: HijackLoader Meet HijackLoader, a fresh menace in the cybercrime world. It’s showing its worth among seedy cybercellars by delivering payloads like DanaBot, SystemBC, and RedLine Stealer. Though it might be the new kid on the block, don’t underestimate it

“Unmasking Spyware: Illicit Telegram Variants on Google Play Store”

Spyware Disguised as Telegram Spotted in Google Play Store Article Highlights: Data-harvesting spyware camouflages itself as modified versions of Telegram on the Google Play Store. The malicious app features were discovered by Kaspersky security researcher Igor Golovin. The apps capture and exfiltrate sensitive user information, including names, user IDs, contacts, phone numbers, and chat messages,

“Unmasking the Crypto-Mining Malware Threat Hidden in Your Software Updates”

Advanced Installer Misused to Drop Crypto-Mining Malware. Main Points: An official Windows tool, Advanced Installer, has been used for insidious purposes since November 2021. Threat actors are exploiting this tool to discreetly package crypto-mining malware with legitimate software installers. Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro were among the infected software. From Bona Fide

Sanctions Strike Against TrickBot Gang: At the Forefront of the Cybercrime Battle

Main Points: UK and US Governments impose sanctions on 11 members of Russia-based TrickBot cybercrime gang. The gang is suspected to have ties to Russian intelligence services. TrickBot has targeted the US government and companies, leading to declarations of cyber-emergencies. Government Response to Cybercrime: The Sanctions are Coming In an attempt to sink the “trick

“Addressing Security Missteps: How Cisco Patches Critical Vulnerabilities”

Cisco Sweeps Up Security Errors: Patches Critical Bugs. Highlights: Cisco has released security patches for several vulnerabilities, including a critical bug that could be exploited by a threat actor. The gravest issue is CVE-2023-20238, an authentication bypass bug in Cisco BroadWorks with a top-tier CVSS severity rating of 10.0. An attacker could exploit this to

“Securing Microsoft IIS: Navigating New Vulnerabilities in Popular Web Server Software”

Summary of Key Points: Microsoft’s Internet Information Services (IIS) is a widely used web server software package created for Windows Server. It’s commonly exploited by threat actors for internet-facing resources, acting as a gateway to access IT environments. New vulnerabilities have arisen, causing security concerns in the IT industry. The Role of Microsoft’s IIS in

“North Korean Cyber-Espionage Strikes Back: Social Media Deceit and Zero-Day Exploit Attacks Uncovered”

North Korean Cyber-espionage Returns with Social Media Trickery and Zero-Day Exploits 1. An Unsettling Discovery by Google’s TAG Google’s Threat Analysis Group (TAG) has recently stumbled upon a virtual hornet’s nest. The entity behind the troubling activity? None other than our favorite threat actors linked with North Korea. The group appears to be tirelessly targeting

“CISA Alert: Nation-State Hackers Exploiting Fortinet and Zoho Security Flaws”

CISA Flags Unauthorized Access Issues by Nation-State Agents in Fortinet and Zoho Systems The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning that Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus have security flaws. Multiple nation-state actors are exploiting these security weak points to gain unauthorized access to, and establish persistence on,

Apple’s Emergency Response: Tackling Zero-Day Exploits and Pegasus Spyware

Apple issues emergency security updates to fix two zero-day exploits Main Points Apple releases emergency updates to iOS, iPadOS, macOS, and watchOS to address zero-day security flaws. The security issues have been reportedly exploited in the wild to carry out the delivery of NSO Group’s Pegasus spyware. CVE-2023-41061 – a problem in the Wallet application
