Witchetty APT used steganography in attacks against Middle East entities
A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec...
News
US DoD announced the results of the Hack US bug bounty challenge
The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July....
Microsoft confirms Exchange zero-day flaws actively exploited in the wild
Microsoft confirmed that two recently disclosed zero-day flaws in Microsoft Exchange are being actively exploited in the wild. Microsoft confirmed...
Unpatched Microsoft Exchange Zero-Day actively exploited in the wild
Security researchers are warning of a new Microsoft Exchange zero-day that are being exploited by malicious actors in the wild....
Experts uncovered novel Malware persistence within VMware ESXi Hypervisors
Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used...
The secrets of Schneider Electric’s UMAS protocol
UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs....
Incident Response Services & Playbooks Guide
63% of c-level executives in the US don’t have an incident response plan yet 50% of organizations experience a cyberattack....
Stronger Cloud Security in Azure Function Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security...
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security...
Hacker groups support protestors in Iran using Telegram, Signal and Darkweb
Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship. Check Point...
A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums
The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat...
Go-based Chaos malware is rapidly growing targeting Windows, Linux and more
A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs...
Prilex: the pricey prickle credit card complex
Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was...
Threat actors use Quantum Builder to deliver Agent Tesla malware
The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A...
ONLINE DISINFORMATION: Under the hood of a Doppelgänger
ONLINE DISINFORMATION is one of the defining issues of our time and the influence of fake news has become an...
APT28 relies on PowerPoint Mouseover to deliver Graphite malware
The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique...
Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks
The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild....
NUVOLA: the new Cloud Security tool
nuvola is the new open-source cloud security tool to address the privilege escalation in cloud environments. nuvola is the new...
Meta dismantled the largest Russian network since the war in Ukraine began
Meta dismantled a network of Facebook and Instagram accounts spreading disinformation across European countries. Meta announced to have taken down...
Preventing Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. Discover cryptocurrency trends...
How Underground Groups Use Stolen Identities and Deepfakes
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email...
US-CERT Bulletin (SB22-269):Vulnerability Summary for the Week of September 19, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
North Korea-linked Lazarus continues to target job seekers with macOS malware
North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT...
Defense firm Elbit Systems of America discloses data breach
Elbit Systems of America, a subsidiary of defense giant Elbit Systems, disclosed a data breach after Black Basta ransomware gang...
