Researchers have noticed a RAT (remote access trojan) dubbed NerbianRAT being distributed via emails. Its name comes from a malware code function’s name. NerbianRAT: How It Is Distributed Researchers from Proofpoint have recently published a report pro…
Read More NerbianRAT Trojan Spreads via EmailsThe Council together with the European Parliament has recently agreed upon a new cybersecurity directive called NIS2 that has the goal to bring about “a high common level of cybersecurity across the Union”. Once implemented, it will work on the improve…
Read More New Cybersecurity Directive Agreed between the European Parliament and EU Member StatesExperts have discovered a phishing campaign that has been going on for over a year. Its target? The German automotive industry. What threat actors are trying to do is to infiltrate password-stealing malware into the victims’ systems. More Details on th…
Read More At Least 14 German Automakers Targeted by Malware CampaignA new Linux malware dubbed BPFdoor has been recently identified. Its targets have been Linux and Solaris systems and what’s more, is that it has passed unnoticed for over 5 years. More Details on the BPFdoor Malware BPF can be described as a Linux/Unix…
Read More BPFdoor Has the Capacity to Bypass FirewallsRMM software (short for Remote Monitoring and Management Software) is a software type used by IT professionals and organizations to remotely manage and monitor networks and endpoints. How Does RMM Software Work? A service provider has to deploy the age…
Read More What Is RMM Software?Bitter, an APT group reportedly engaged in cyber espionage activities, has been observed targeting the Bangladesh government by leveraging new malware that shows remote file execution functionalities. The campaign has been active since at least August …
Read More South Asian Governments Targeted by Bitter APT GroupIf you’ve lately used Windows Print Spooler, here’s some bad news: you may have been hacked. Between July 2021 and April 2022, threat actors carried out nearly 65,000 cyberattacks through Windows’ Print Spooler application, according to a n…
Read More Windows Print Spooler Exploit: the Path for Threat Actors to Perform 65,000 CyberattacksA credit card stealing service is gaining traction, providing a simple and automated option for low-skilled threat actors to enter the realm of financial fraud. How Do Credit Card Skimmers Work? Credit card skimmers stand for malicious programs that ar…
Read More Caramel Credit Card Theft Is Becoming Increasingly PopularBumblebee, a freshly uncovered malware loader, is most probably the Conti syndicate’s latest creation, aimed to replace the BazarLoader backdoor leveraged for ransomware payloads delivery purposes. According to researchers, the appearance of Bumb…
Read More Conti’s BazarLoader Replaced with Bumblebee MalwareCybersecurity authorities around the world have published a list of the top 15 vulnerabilities regularly exploited by malicious actors in 2021, in collaboration with the NSA and the FBI. In a joint alert, the cybersecurity authorities recommended enter…
Read More Top Exploited Vulnerabilities in 2021 Revealed by Cybersecurity FirmsThe US Federal Bureau of Investigation (FBI) has recently issued a warning to organizations in the Food and Agriculture (FA) sector that ransomware gangs may be more inclined to target them during harvest and planting seasons. The FBI added that while …
Read More The US Agriculture Sector Targeted with Ransomware Attacks, the FBI SaysAuthentication and authorization are two concepts of access management that make for the perfect combo when speaking of ensuring a thorough cybersecurity strategy for a company. Read on to gain more knowledge on authentication and authorization definit…
Read More Authentication vs. Authorization: the Difference ExplainedResearchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use. By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on…
Read More Millions of Laptops Impacted by Lenovo UEFI Firmware VulnerabilitiesCISA, the FBI, and the US Treasury Department have recently issued a warning that firms in the cryptocurrency and blockchain industries are being targeted by the North Korean Lazarus hacking gang. It seems that the threat actors are using trojanized cr…
Read More Lazarus Hackers Make Use of Fraudulent Crypto Apps, US WarnsA warning about a new wave of social engineering cyberattacks that distribute the IcedID malware and employ Zimbra exploits for sensitive data theft purposes has been recently issued by the Computer Emergency Response Team of Ukraine (CERT-UA). More In…
Read More IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian GovernmentA new info-stealer is making way on the cyber threat landscape as Haskers Gang has just added to their arsenal ZingoStealer. More Details on ZingoStealer The malware, as mentioned above, named ZingoStealer, is being distributed for free to Haskers Gang…
Read More ZingoStealer: New Malware Making Way on the Threat LandscapeFive serious vulnerabilities in hospital robots that served for the transportation of medical supplies have been patched by vendor Aethon. Vulnerabilities Found in Hospital Robots: More Details As recently reported in Cynerio’s public report of J…
Read More Hospital Robots Have Been Found to Have Critical VulnerabilitiesMalicious applications masquerading as antivirus solutions on the Google Play Store have been identified by security experts. These dangerous apps contain the SharkBot trojan, whose targets are Android devices. SharkBot stands for an info-stealer whose…
Read More SharkBot Is Spread Using Phony Antivirus Apps on Google PlayThreat actors have been detected using the Spring4Shell vulnerability to install malware on victim PCs, according to security researchers. More Details on the Spring4Shell Vulnerability According to ZDNet, the Spring4Shell vulnerability, which has been…
Read More Mirai Malware Distributed by Means of Spring4Shell VulnerabilityA new META malware, an info-stealer that seems to be more and more popular among hackers, has been discovered being leveraged by threat actors in a recent malspam campaign. What Is Meta Malware? META, along with Mars Stealer and BlackGuard, is one of t…
Read More New Meta Malware Used in Malspam CampaignA cryptomining malware designed particularly to target Amazon Web Services (AWS) Lambda cloud systems has been recently identified by security experts. What Happened? Denonia is the name attributed by security researchers from Cado Security to the iden…
Read More New Malware Leveraged Cryptominers to Target AWS LambdaIdentity and access management is a key component in ensuring the security of data. It can be used to protect companies against data breaches by providing a layer of security that protects information from unauthorized access. Find more about this conc…
Read More Identity and Access Management (IAM) Explained: Definition, Benefits and MoreApparently, the Conti ransomware group is still operational and waging cyberattacks against victims worldwide, regardless of the fact that their activities had been previously leaked online. Conti Still in the Cyber Game To briefly go over Conti’s acti…
Read More The Conti Group Still in Business Regardless of the Data Leak It FacedA lasting malicious campaign employed by threat actors linked to the Chinese government has been recently discovered by security experts. Its purpose is the launching of a custom malware loader by means of the VLC Media Player. A Chinese state-backed a…
Read More VLC Media Player Leveraged by Hackers to Distribute Malware LoaderThreat actors managed to get access to internal customer support and account management systems at MailChimp, the email marketing company reported on Sunday. The hackers’ goal was to perform audience data theft and lead phishing cyberattacks. MailChimp…
Read More Crypto Customers Targeted in MailChimp Data BreachBorat, a new remote access trojan (RAT) with easy-to-use capabilities has emerged on the darknet markets. The malware focuses on DDoS (Distributed-Denial-of-Service) cyberattacks, ransomware distribution, and UAC bypass. How Does Borat Work? Borat is a…
Read More New RAT Dubbed Borat Emerging on the Cyberthreat LandscapeA new info-stealer malware dubbed BlackGuard has been identified by security analysts. It seems that it’s put up for sale on Russian hacking forums, according to the researchers who discovered it. BlackGuard Advertised for Sale The malware has been des…
Read More BlackGuard, a New Info-Stealer, for Sale on Russian Hacking ForumsA game-changer in the PAM market, PEDM is now on everybody’s lips when talking about more efficient methods to mitigate cybersec risk by properly controlling privileged permissions. Featuring three essential elements: appropriate privileges for appropr…
Read More Privilege Elevation and Delegation Management Explained: Definition, Benefits and MoreAccording to the Google Threat Analysis Group (TAG), a great number of threat actors are currently exploiting the event of the Russian invasion in Ukraine to launch phishing and malware cyberattacks against Eastern European and NATO countries. The cybe…
Read More NATO Countries Targeted in Russian Phishing Attacks, Google ReportsMars Stealer, a newly released information-stealing malware variant, is gaining traction on the cyber scene. A first large-scale campaign using it has now been observed by security analysts. Mars Stealer Background Mars Stealer stands for a reimagining…
Read More Mars Stealer: a New Popular Malware on the Cyberthreat LandscapeThe ones who created Purple Fox malware have upgraded their malware arsenal, as currently, they are using a new FatalRAT version, a remote access trojan. Besides, its functionalities to avoid detection have been also upgraded. New FatalRAT Version Wrea…
Read More Purple Fox Threat Actors Leverage New FatalRAT VersionFollowing the identification of a V8 vulnerability in Chrome and Edge that shows an exploit in the wild, users who employ Windows, macOS, and Linux should update Chrome builds to version 99.0.4844.84 as an out-of-band security update has been recently …
Read More V8 Vulnerability Hits Chrome and EdgeA new wave of social engineering attacks has been targeting Morgan Stanley client accounts as Morgan Stanley’s wealth and asset management subsidiary claims. Morgan Stanley Client Accounts Compromised by Social Engineering: What Happened Hackers …
Read More Social Engineering Attacks Target Morgan Stanley Client AccountsMustang Panda, a threat actor reportedly related to China, has been waging a harmful campaign with a new version of the Korplug malware known as Hodur and custom loaders for a period of at least eight months, according to security specialists. Who Is M…
Read More ISPs and Diplomats Targeted by New Mustang Panda Hacking CampaignThe Google Play Store has seen over 100,000 downloads of malicious Android software that performs Facebook credentials theft. It seems that the application is still available for download. Android Password Stealing Malware Poses as Cartoonifier App The…
Read More 100,000 Google Play Users Targeted by Android Password Stealing MalwareGood news for victims of Diavol ransomware. Emsisoft, the well-known cybersecurity company, has just provided a free decryptor for this ransomware family linked to the TrickBot gang. Now victims can use this free decryption tool to recover their files …
Read More Diavol Ransomware Receives Free DecryptorGithub, the well-known code hosting platform, has recently released new analysis features that have the role to automate the identification of new security flaws before they reach production. These features are designed on machine learning-based code s…
Read More GitHub Code Scanning Now Detects Additional Security FlawsFive major banks from Canada were impacted by an hours-long outage that got them offline. Online and mobile banking together with customer e-transfer services were blocked during this time. Canadian Online Banking Off for Hours Among the impacted Canad…
Read More Outage Lasting Hours Makes Canada’s Major Banks Go OfflineWindows patching is essential for closing system and application vulnerabilities and certifying that everything works as it should. Read on to find more about Microsoft Windows patch management, how can you implement a proper windows vulnerability mana…
Read More Windows Patch Management: Definition, How It Works and Why It HelpsThe FBI has recently announced a breach impacting several organizations belonging to US critical infrastructure sectors caused by the BlackByte ransomware. The breach has been extended over the last three months and at least 3 organizations were impact…
Read More BlackByte Ransomware Has Had an Impact on the Critical Infrastructure of US, the FBI AnnouncesHeimdal Security (Heimdal) partnered with Bechtle UK will be holding a free online webinar on the 29th of March called “An insight into cybersecurity and the key threats”. This webinar will give you deep knowledge about what factors add to how a busine…
Read More Heimdal™ and Bechtle UK Partner Up for an Exquisite Webinar on the CyberSec Threat OutlookMolerats APT group also dubbed TA402 returns by leading a new reportedly cyberespionage campaign that employs NimbleMamba malware. NimbleMamba Malware Leveraged in New Malicious Campaign A report has been recently published by the Proofpoint researcher…
Read More Molerats APT Makes a Comeback Now Leveraging NimbleMamba MalwareIt has been discovered that a hacking group dubbed ‘ModifiedElephant’, described as an APT (advanced persistent threat) actor has been engaging in its malicious activities in secret for a decade, avoiding detection and correlation between a…
Read More Hacking Group ‘ModifiedElephant’ Has Been Living Out of Sight for a Long TimeDecryptors for three popular ransomware families have been recently released by their supposed operator on the BleepingComputer forums. The ransomware operations under discussion are Maze ransomware, Egregor ransomware as well as Sekhmet ransomware. Ma…
Read More Maze, Egregor and Sekhmet Master Decryption Keys Provided by Their DeveloperA cyberattack resulting in data theft impacted News Corp, an American media and publishing enterprise extended across various domains like news media, book publishing, cable television, and real estate data. The company owns many news brands. Who Was T…
Read More News Corp Reportedly Targeted by Chinese HackersMedusa malware was noticed to target multiple geographic regions. Its goal? Financial fraud and online credentials theft. More Details on Medusa Malware A new report from the ThreatFabric researchers came out revealing insights into the latest methods …
Read More Medusa Malware Increases the Number of Android SMS Phishing CyberattacksA new report has been recently published where researchers state that Chinese threat actors have been targeting Taiwanese financial institutions for a period of 18 months. APT Group Targets Taiwan’s Organizations According to the Symantec experts, who …
Read More New Backdoor Deployed by Chinese Hackers Targets Taiwanese Financial InstitutionsThe concept of Just-in-Time Access has been around for decades but it is only recently that it has become popular in the cybersecurity realm. One reason for this popularity is the increase in cyberattacks and data breaches. With more attacks on privile…
Read More Just-in-Time Access Explained. What It Means, Benefits and Best Practices of JITA new SEO poisoning campaign is currently taking place with the goal of dropping the Batloader and Atera Agent malware into the targeted systems. It seems that it’s directed towards professionals who are on the lookout for downloading productivity tool…
Read More New SEO Poisoning Campaign Is Wreaking Havoc on the Cyberthreat LandscapeA critical Samba vulnerability has been identified. If successfully exploited by threat actors, this could trigger remote code execution with root privileges on servers. Samba is an open-source implementation of SMB/CIFS that allows you to share files,…
Read More Samba Vulnerability Can Trigger RCE and Complete Root User AccessA critical WordPress plugin RCE (remote code execution) vulnerability has been identified in version 5.0.4 and older of Essential Addons for Elementor, the well-known library. How Does the WordPress Plugin RCE Work? The WordPress plugin RCE works by le…
Read More Critical WordPress Plugin RCE Impacts 600K WordPress SitesExperts from Gwangju Institute of Science and Technology (GIST) in South Korea have performed an operation to create a digital security system that is environment friendly. They managed to use natural silk fibers coming from domesticated silkworms in o…
Read More Natural Silk Fibers Used by Researchers to Generate Secure KeysRecently, Delta Electronics, a Taiwan-based company, and provider for big names like Tesla, Apple, Dell, or HP, has announced that it was impacted by a cyberattack. More Details on the Delta Electronics Cyberattack According to the statement the compan…
Read More Conti Ransomware Targets Taiwanese Apple and Tesla Contractor Delta ElectronicsA popular cash-stealer malware dubbed Dark Herring has been wreaking havoc with Android devices, as it reportedly deprived users of hundreds of millions of dollars. In this wave of cyberattacks, almost 500 malicious apps from Google Play were impacted …
Read More Dark Herring Malware on the Hunt for 105M Android DevicesTrickBot is continuously evolving, as the malware has been recently extended with new features. These challenge its research, analysis, and detection as its latest variants are improved to crash browser tabs upon beautified script identification. Trick…
Read More TrickBot Crashes Browser Tabs to Hinder Malware AnalysisA critical SonicWall RCE bug is now on the radar of hackers, as these are massively trying to exploit it. The vulnerability is related to the Secure Mobile Access (SMA) gateways of SonicWall and was addressed by the company in the month of December 202…
Read More Critical SonicWall RCE Bug Actively Targeted by Threat ActorsSeveral campaigns employing spyware have come to light, a new report shows. Researchers name these cyberattacks “Anomalous”. The threat actors’ targets are industrial enterprises and their final goal consists of email accounts credential th…
Read More ‘Anomalous’ Spyware Targets Industrial CompaniesResearchers have recently discovered a new malware they named BHUNT. This targets passwords, security phrases, and cryptocurrency wallet contents. BHUNT Crypto Stealer: More Details The Bitdefender researchers were the ones who identified this new malw…
Read More Crypto Wallets and Passwords Targeted by BHUNT MalwareCybercriminals take advantage of the popular instant messaging service dubbed Telegram for underground channels setup purposes. Their goal is to put for sale details of financial stolen data as pseudonym users become the buyers. Why Telegram Is Easily …
Read More Cybercriminals Sell Stolen Financial Details on TelegramTo understand what privileged access management is, we need to first understand what privileged access refers to. This article will cover many aspects of PAM, including definition, importance, functionality, statistics, best practices, and why our solu…
Read More What Is Privileged Access Management (PAM)?The greatest dark web marketplace for stolen credit cards known under the name of UniCC has made an announcement that its team is retiring. UniCC Shuts Down Its Business According to a report published by Elliptic analysts, UniCC is retiring from busin…
Read More Stolen Credit Cards Biggest Dark Web Marketplace Closes DownA warning comes from Microsoft about a data-wiping malware that poses as ransomware and is being leveraged by threat actors to target several companies from Ukraine. The attacks were identified by Microsoft starting the 13th of January and according to…
Read More Ukraine Targeted in False Ransomware Attacks, Microsoft WarnsAn unofficial patch was released for a privilege escalation vulnerability that has an impact on all versions of Windows after Microsoft tagged its status as “won’t fix”. The flaw is located in the Windows RPC Protocol and was dubbed RemotePotato0 by se…
Read More Free Unofficial Patch for Windows ‘RemotePotato0’ Now Available