ShadowPad Compromises Multiple Entities in Pakistan An unidentified threat actor infiltrated an application used by various entities in Pakistan to distribute ShadowPad, a backdoor commonly associated with Chinese hacking groups. An application used by multiple organizations in Pakistan became the target of a cyber attack. The attacker used the compromised application to deliver ShadowPad, a
Read More
Cybersixgill’s Monthly Threat Reports: Uncovering the Shady World of Threat Actors Stay Ahead of the Game with Insider Information from the Cybersecurity Experts Cybersixgill, a leading cybersecurity company, brings you captivating and eye-opening stories about the latest tactics, techniques, and procedures used by threat actors in the dark corners of the internet. Through their monthly
Read More
# Data of VirusTotal Customers Leaks Online ## Introduction In an unfortunate turn of events, it has been discovered that data associated with some customers of VirusTotal, a well-known security service, has leaked on the internet. The leaked data includes the names and email addresses of a subset of registered customers of VirusTotal. ## The
Read More
FIN8 Introduces Revamped Backdoor to Deliver BlackCat Ransomware The Main Points: – FIN8, a financially motivated threat actor, has been observed using a “revamped” version of a backdoor called Sardonic. – The purpose of this new development is to deliver the BlackCat ransomware. – FIN8 is diversifying its focus and aiming to maximize profits from
Read More
Threat Actors Exploit Critical Security Flaw in WooCommerce Payments Plugin Overview Threat actors have discovered and are actively exploiting a critical security flaw found in the WooCommerce Payments WordPress plugin. This flaw, designated as CVE-2023-28121, has a high severity score of 9.8. It allows attackers to bypass authentication and impersonate users, granting them unauthorized access
Read More
h1: JumpCloud Reports Security Incident and Points to Nation-State Actor h2: Intrusion by Sophisticated Nation-State Actor In a recent security incident, JumpCloud, a provider of cloud-based directory services, reported that their systems were accessed by a sophisticated nation-state actor. This intrusion led to the company resetting API keys for affected customers. h3: Specific Targeting of
Read More
Threat Actors Trick Android Users with Malicious Web Apps Overview: Threat actors are using Android’s WebAPK technology to deceive users into installing malicious web apps on their phones, aimed at stealing sensitive personal information. This attack starts with victims receiving SMS messages that suggest updating a mobile banking application. Attack Details: Researchers from CSIRT KNF
Read More
consider: 1. What is the scope of the attack surface management solution? Does it cover all types of assets, such as cloud services, websites, APIs, and IoT devices? 2. How does the ASM vendor prioritize vulnerabilities? Do they provide a risk score or ranking system to help you prioritize remediation efforts? 3. What automation capabilities
Read More
Cyber Attacks on the Rise: Infected USB Drives as Access Vectors Introduction In the first half of 2023, cyber attacks using infected USB drives have seen a significant increase, tripling in volume. Mandiant, a cybersecurity company, released a report detailing two major campaigns, named SOGU and SNOWYDRIVE. These campaigns targeted public and private sector organizations
Read More
Microsoft Word Documents Used as Phishing Lures for LokiBot Malware Introduction Microsoft Word documents have been discovered as the latest tool for cybercriminals to drop LokiBot malware onto compromised systems. LokiBot, a well-known information-stealing Trojan, primarily targets Windows systems to gather sensitive information. Main Points: Microsoft Word documents exploiting known remote code execution flaws are
Read MoreNo products in the cart.