Sly Uduosa

Sylvester Uduosa who goes by the nickname 'Sly' is a Legal Practitioner, Certified Ethical Hacker and Python Programmer.

New Techniques Adopted By SolarMarker To Maintain Presence On Hacked Systems

Leave a Comment / Malware /

As threat actors continuously change pattern, the operators of the SolarMarker information stealer and backdoor have been discovered to be leveraging stealthy tricks to establish long-term persistence on compromised systems. This was spotted by Sophos a cybersecurity firm, wherein they observed that the remote access implants are still being detected on targeted networks despite the […]

New Techniques Adopted By SolarMarker To Maintain Presence On Hacked Systems Read More »

Secret Backdoors Discovered In WordPress Plugins and Themes

Leave a Comment / Vulnerabilities /

In another software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were backdoored with malicious code in September 2021 with the goal of infecting further sites. This gave attackers full administrative control over websites that used 40 themes and 53 plugins belonging to AccessPress Themes, a Nepal-based company that

Secret Backdoors Discovered In WordPress Plugins and Themes Read More »

Researchers Discover Strategic Similarities b/w Notpeya and WhisperGate Attatcks

Leave a Comment / Malware /

The wiper malware which attacked dozens of Ukranian agencies earlier this month has been analysed thus revealing “strategic similarities” to NotPetya malware that was unleashed against the country’s infrastructure and elsewhere in 2017. WhisperGate as it is been called was discovered by Micrfosoft last week, which said it observed the destructive cyber campain targeting government,

Researchers Discover Strategic Similarities b/w Notpeya and WhisperGate Attatcks Read More »

Interpol Arrests 11 Members of a Nigerian Cybercrime Gang

Leave a Comment / Cyber Attacks /

11 members of a Nigerian cybercrime gang known for perpetrating business email compromise (BEC) have been apprehended by a coordinated law enforcement operation. This comes after a ten-day investigation dubbed Operation Falcon II undertaken by the Interpol along with participation from the Nigeria Police Force’s Cybercrime Police Unit in December 2021. Group-IB and Palo Alto

Interpol Arrests 11 Members of a Nigerian Cybercrime Gang Read More »

Europol Shuts Down VPNLab Popularly Used By Cybercriminals

Leave a Comment / Cyber Attacks /

The popular VPNLab.net used by malicious actors to deploy ransomware has been taken offline following a coordinated law enforcement operation. Europol stated that it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 thus rendering it inoperable as part of a disruptive action that took place

Europol Shuts Down VPNLab Popularly Used By Cybercriminals Read More »

Researchers Discover 3 WordPress Plugins Leaving 84,000 Websites Vulnerable To Attack

Leave a Comment / Vulnerabilities /

Three WordPress plugins have been discovered to be affected with a security shortcoming which gives a malicious actor the opportunity to take over vulnerable websites. An attacker could update arbitrary site options on a vulnerable site, provided they could trick a site administrator into clicking a link or doing a thing. Tracked as CVE-2022-0215, the

Researchers Discover 3 WordPress Plugins Leaving 84,000 Websites Vulnerable To Attack Read More »

Garrett Walk-Through Metal Detector Vulnerability Discovered

Leave a Comment / Uncategorized, Vulnerabilities /

Security flaws have been uncovered in a networking component in Garrett Metal Detectors which could allow remote attackers bypass authentication requirements, tamper with metal detector configurations and even execute arbitrary code on the devices. Cisco Talos noted in a disclosure publicized that “An attacker could manipulate this module to remotely monitor statistics on the metal

Garrett Walk-Through Metal Detector Vulnerability Discovered Read More »

Chinese Hackers Target Academic Institution Using Log4Shell Exploit

Leave a Comment / Cyber Attacks /

Aquatic Panda a China-based targeted intrusion has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems. Crowdstrike a cybersecurity firm stated that the infiltration which was foiled was aimed at an unnamed “large academic institution”. The

Chinese Hackers Target Academic Institution Using Log4Shell Exploit Read More »

New PseudoManuscrypt Malware Currently Infecting Computers

Leave a Comment / Malware /

A new malware called PseudoManyscrypt has been observed attacking industrial and government organizations including enterprises in the military-industrial complex and research laboratories. The name is derived from its similarities to the Manuscrypt malware which is part of trhe Lazarus APT groups attack toolset and the series of intrusion was first detected in June 2021. It

New PseudoManuscrypt Malware Currently Infecting Computers Read More »

Facebook to Reward Hackers for Reporting Data Scraping Bugs and Scraped Datasets.

Leave a Comment / Reviews /

Facebook now Meta has announced plans to expand its bug bounty program to start rewarding valid reports of scraping vulnerabilities across its platforms as well as include reports of scraping data sets that are available online. “We know that automated activity designed to scrape people’s public and private data targets every website or service,” said

Facebook to Reward Hackers for Reporting Data Scraping Bugs and Scraped Datasets. Read More »