# Kimsuky Targets Experts with Social Engineering Campaign ## Overview The notorious North Korean nation-state threat actor, Kimsuky, has been found to be running a social engineering campaign. The goal of the campaign is to steal Google credentials and deliver reconnaissance malware. This targeted attack is aimed at experts in North Korean affairs. ## Stealing
Read More
VMware: Aria Operations for Networks Fixed Against Three Flaws Overview VMware, a virtualization and cloud computing software provider, has recently issued security updates for Aria Operations for Networks to address three vulnerabilities. These loopholes in the system can lead to information disclosure and remote code execution by attackers. The Most Critical Vulnerability The most hazardous
Read More
Barracuda Urges Customers to Replace Appliances Affected by Zero-day Flaw Enterprise security company, Barracuda, has issued a warning to its customers to replace its Email Security Gateway (ESG) appliances which have been affected by a zero-day flaw. The company has urged its customers to replace the appliances regardless of patch version level or to take
Read More
Microsoft can collect from children going forward,” said Andrew Smith, director of the FTC’s Bureau of Consumer Protection. The FTC found that Microsoft’s Xbox Live online gaming service allowed children to create and customize profiles with personal information and photographs, all without parental consent. Microsoft then used this information to target children with ads. Additionally,
Read More
major ransomware groups, each with their own unique style and tactics. These groups are constantly evolving and adapting, making it difficult for organizations and law enforcement to keep up. The Role of a Ransomware Negotiator Enter the ransomware negotiator. This individual is hired by organizations to negotiate with the ransomware attackers and hopefully reach a
Read More
PowerShell, which is utilized heavily by system administrators and attackers alike. The malware is designed to surreptitiously infiltrate the victim’s network and steal valuable data,” Adlumin stated. The PowerDrop malware is specifically tailored for use in the aerospace industry, with a particular focus on stealing sensitive data related to government contracts and proprietary research and
Read More
Malware Campaign Steals Cryptocurrency Using Satacom Downloader Introduction A new malware campaign has been discovered that uses Satacom downloader to deploy malware and steal cryptocurrency. The purpose of this malware is to steal BTC from the victim’s account by performing web injections into targeted cryptocurrency websites. Satacom downloader The malware campaign relies on a Satacom
Read More
* Vulcan Cyber’s Voyager18 team has discovered a new AI-based attack technique * The technique is called “AI package hallucination” * This technique can be used to disguise malware as legitimate software packages * Attackers can use AI to generate and manipulate code in order to bypass detection by traditional security systems * The technique
Read More
Main points: – Thousands of adware apps for Android found to masquerade as popular apps. – The adware apps redirect users to serve unwanted ads as part of a campaign. – The campaign has been ongoing since October 2022. – The adware apps are often non-functional or harmful. The adware apps have been identified as
Read More
OT Cyber Attacks Cyber attacks on critical infrastructure and other OT systems are increasing as digital transformation and OT/IT convergence accelerate. Water treatment facilities, energy providers, factories, and chemical plants are all at risk. Disrupting or manipulating OT systems could result in real physical harm to citizens, environments, and the economy. These types of attacks
Read MoreNo products in the cart.