CrowdStrike encountered a previously undocumented post-exploitation framework called IceApple deployed on Exchange servers for data exfiltration. Its long-running campaign focuses on intelligence gathering, which indicates a state-sponsored mission, allegedly aligned with China-nexus, state-sponsored intrusions. Hence, it is imperative that all web apps are patched on a regular basis to prevent IceApple from compromising […]
Threat actors are using Tor and Telegram to spread the Eternity malware, which can be customized with modules including a stealer, clipper, worm, miner, and ransomware. It can pilfer information from cryptocurrency extensions or even cold wallets. It also targets password managers, VPN clients, messengers, and gaming clients. Businesses are advised to have robust security measures […]
SonicWall “strongly urges” customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.
A total of 17 vulnerabilities have been found in a wireless industrial router made by InHand Networks, including flaws that can be chained to gain root access by getting a user to click on a malicious link.
Pro-Russian hacktivists known as the Killnet group claimed responsibility for the attacks and are the same group that launched similar attacks against Romanian portals and the Bradley Airport in the US.
A critical vulnerability, CVE-2022-30525, affecting several models of Zyxel firewalls has been publicly revealed, along with a Metasploit module that exploits it. The patches for the vulnerability are available.
Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers.
Researchers have detailed a string of cyberattacks involving ransomware, which took place in early 2022, and attributed them to an Iranian hacking group they refer to as Cobalt Mirage – also known as APT35, Charming Kitten, Phosphorus, and TA453 by other research groups.
Researchers discovered a new campaign running an NFT scam via a series of YouTube videos. Cybercriminals would append malicious links in a video’s description that lead victims to download RedLine Stealer from a GitHub link.
The EU has reached a political agreement on new legislation that will impose common cybersecurity standards on critical industry organizations. The new directive will replace the existing rules on the security of networks and information systems.