South Korea seems to be a target of a new malicious campaign that propagates RAT malware camouflaged into a game for adults. The way it is distributed happens via torrents and also webhards. The types of RATs cybercriminals use in this campaign are njR…
Read More Webhards and Torrents: the New Channels for RAT Malware Propagation in KoreaGreat efforts pay off! We are very proud and thrilled to announce that Heimdal™ won first place in the Cloud-Delivered Security Solution of the Year category at the Network Computing Awards 2021 event! We are also winners of second place in the Product…
Read More Network Computing Awards 2021: Heimdal™ Wins Best Cloud-Delivered Security SolutionPurpleFox botnet, the well-known Dirty Moe, goes on and develops more vulnerability exploits and payloads. The fresh news on this botnet shows how this time it establishes C2 communication via WebSockets. PurpleFox Botnet: New Version Out There Image S…
Read More C2 Communication Is Enabled via WebSockets in a Fresh PurpleFox Botnet VersionAcademic experts from a U.S. university designed a new type of cyberattack dubbed Gummy Browsers. Its main characteristics include the capturing of fingerprints and also tricking the browser. Gummy Browsers Attack: How It Might Unfold According to Blee…
Read More Gummy Browsers: The New Cyberattack Developed by ResearchersRemote desktop software is basically a computer program that lets you connect to another computer. The PC you will connect to is named “the host”, your PC from where you initiate the connection is called the viewer or the client. After connecting to th…
Read More 20+ Free Remote Desktop Software Tools You Need to KnowA warning comes from the FBI announcing that cybercriminals use new methods to collect financial data and personal information, making use of false websites posing as government platforms. Their goal is to make the victims provide sensitive data, propa…
Read More False Government Websites Steal Private Financial Data, FBI warnsTwo malicious accounts used by threat actors in a seemingly North Korean cyber-espionage campaign were suspended by Twitter. The accounts under discussion are @lagal1990 and @shiftrows13 working as bait for security researchers with the final goal to m…
Read More Malicious Accounts that Targeted Security Researches Were Suspended by TwitterSinclaire TV Stations known as Sinclair Broadcast Group published a press release yesterday where they announced the company being hit by a ransomware attack. It happened during the weekend, as this is the new timeframe most ransomware operators seem t…
Read More Ransomware Attacks Go On with One More Hit: Sinclair TV Stations TargetedFollowing the last week’s White House National Security Council’s virtual meetings on the Counter-Ransomware Initiative event, senior officials from the U.E. and 31 countries have issued a joint statement where they acknowledged their focus on cryptocu…
Read More Senior Officials Join the U.S. in an Anti-Ransomware InitiativeA fresh variant of a phishing campaign has been recently detected. By its nickname MirrorBlast, its targets are finance enterprises. The attack methods it uses consist of malicious Excel documents that are almost untraceable. MirrorBlast: How Does It W…
Read More MirrorBlast, the New Phishing Campaign Targeting Financial OrganizationsResearchers have discovered a new ransomware strain dubbed Yanluowang ransomware, that is still in the development process. Its targets? Enterprise entities. Yanluowang Ransomware: the Name Story The recent strain was discovered by the threat hunter te…
Read More Yanluowang Ransomware Targets Enterprise EntitiesAn Acer data breach on the company’s Indian after-sales services has been confirmed by the Taiwan-based multinational hardware and electronics enterprise. Who Is Behind the Acer Data Breach? According to BleepingComputer, the company did not shar…
Read More Acer Data Breach Impacts the Company’s Indian SystemsOver 30 countries are to be participants this week in a global anti-ransomware event that will unfold via virtual meetings. To these kinds of meetings, the White House National Security Council invited ministers and senior officials who represent the c…
Read More Virtual Global Anti-Ransomware Event Takes Place This WeekThe OpenSea NFT platform could be a new target in the hands of hackers. As per a new discovery, cybercriminals use malicious NFT art as bait, thus determining users to click on it. What this will do is empty their crypto wallets. This would be possible…
Read More Hackers Exploit OpenSea Bug to Perform Crypto Wallets TheftCyberattacks seem to have no end. A new one targeted Olympus, a firm that specializes in medical technology, over the weekend, on Sunday, October 10. Following this Olympus cyberattack, the ones from the U.S., Latin America, and Canada had to close off…
Read More Olympus Cyberattack Happening During the WeekendA UK team of researchers has carried out a study discovering some Android privacy issues related to Android smartphones. Huawei Android devices, Realme, Xiaomi, and Samsung represented the experts’ focus during their research. Besides, they also analyz…
Read More Android Privacy Issues Were Discovered in a New StudyFollowing the sell-out of data related to nuclear-powered warship design to an undercover FBI agent, a nuclear engineer together with his wife were imprisoned, being charged with espionage accusations that indicate the Atomic Energy Act’s violati…
Read More Undercover FBI Agent Reveals Espionage Plans of Nuclear EngineerCloud service providers, like, for instance, Huawei Cloud, are now targeted by some new variant of a past crypto-mining malware. This is Linux-based and its initial version started its activities in 2020 when the victims were Docker containers. TrendMi…
Read More Crypto-mining Malware Targets Huawei CloudAn AVD bug has been recently fixed by Microsoft. What the flaw did was to block various Azure Virtual Desktop devices, not letting them downloading and running the monthly updates. These are normally done via WSUS (Windows Server Update Services). What…
Read More AVD Bug Fixed by MicrosoftVidar stealer is back and has a new target: this time, the Mastodon social media network is being abused in a fresh malicious campaign. The goal is C2 configuration achievement without being noticed. Vidar Stealer: How It Works The Vidar stealer’s acti…
Read More Vidar Stealer Returns and Has a New Target: MastodonSome Medtronic cybersecurity risks were discovered in relation to the “MiniMed Paradigm” products range, that is why the company urges immediate returning to vendors the remote controllers associated with MiniMed Paradigm insulin pumps. Medtronic Cyber…
Read More Medtronic Cybersecurity Risks: Some Devices Should Be Returned to VendorCISA issued an advisory this Tuesday regarding some Honeywell critical vulnerabilities. If exploited, the consequences might be remote code execution (RCE) and DoS attacks (Denial of Service). These flaws are related to Honeywell Experion Process Knowl…
Read More Honeywell Critical Vulnerabilities in Experion Process Knowledge System and ACE ControllersAn EventBuilder misconfiguration led to sensitive data exposure, information belonging to registrants related to virtual events in the EventBuilder, the software platform that allows virtual events setting up such as conferences or webinars. It is kno…
Read More EventBuilder Data Exposure: Registrants’ Details in Plain SightFollowing March’s hacking campaign against Microsoft Exchange, the Republican Governors Association announced an RGA data breach in a last week’s notification letter sent to impacted individuals with further details on the issue. During this mali…
Read More RGA Data Breach: Another Organization Affected by Massive Microsoft Exchange Hacking CampaignSince ransomware attacks have been a continuous threat to US infrastructure over the last two years, the Biden administration is said to be expected this week to put in place ransomware crypto exchanges sanctions. These will apply to wallets, crypto ex…
Read More Ransomware Crypto Exchanges Sanctions to Be Implemented by the U.S.As ransomware attacks have gained ground recently, researchers decided to start making out a list of vulnerabilities abused by ransomware groups that is easy-to-follow in order for organizations to be aware of which security flaws ransomware gangs expl…
Read More Experts Make Out a List of Vulnerabilities Abused by Ransomware GroupsAs per an FBI report published yesterday on the Internet Crime Complaint Center (IC3) site, Americans managed since the beginning of this year to lose $113 million. The reason? Falling prey to the vast trend of online romance scams. Online Romance Scam…
Read More Online Romance Scams Led to $113 Million Financial Loss in 2021, the FBI ReportsMikroTik, the Latvian-based manufacturer of network equipment has shared in yesterday’s blog post some mitigation measures to fight against Mēris botnet. These Mēris Botnet mitigation measures can be used by clients to secure their compromised routers….
Read More Mēris Botnet Mitigation Measures Shared by MikroTikOn the 6th of September, South Africa’s Department of Justice was hit by a ransomware attack that targeted its network and managed to encrypt its entire systems, thus electronic services were not available anymore, neither internally, nor to the public…
Read More South Africa Ransomware Attacks Go On with One More Hit: the Whole Network of the Department of Justice AffectedThe DeFi platform (decentralized finance) Cream Finance confirmed yesterday a massive crypto theft. More exactly, hackers stole more than $29 million in cryptocurrency assets from the company. Patterns of the attack had been identified not less than ha…
Read More Cream Finance Deprived of over $29 million in Cryptocurrency Assets