Five Steps to Mitigate the Risk of Credential ExposureEvery year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or...
Day: October 4, 2022
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
Researchers Uncover Covert Attack Campaign Targeting Military ContractorsA new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a...
Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware
Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale MalwareA Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to...
WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active ExploitationSecurity researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious...
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the WildMicrosoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and...
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber AttacksA "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing...
Why Organisations Need Both EDR and NDR for Complete Network Protection
Why Organisations Need Both EDR and NDR for Complete Network ProtectionEndpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and...
New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons
New Malware Campaign Targeting Job Seekers with Cobalt Strike BeaconsA social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft...
Cyber Attacks Against Middle East Governments Hide Malware in Windows Logo
Cyber Attacks Against Middle East Governments Hide Malware in Windows LogoAn espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented...
New Malware Families Found Targeting VMware ESXi Hypervisors
New Malware Families Found Targeting VMware ESXi HypervisorsThreat actors have been found deploying never-before-seen post-compromise implants in VMware's virtualization software to seize control of infected systems...
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket...
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 OrganizationsMicrosoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached...