Enterprise security firm Proofpoint has linked TA406, a North Korean threat actor to a wave of credential theft campaigns targeting research, education and government with two of the attacks aimed at distributing malware which could be used for intelligence gathering. TA406 also known as Kimsuky came into operations as early as 2012 emerging as one […]
Credential Theft Campaign Linked To North Korean Hackers Read More »
After a seven month hiatus, the Russian-speaking cyber-espionage group RedCurl returns. With their arrival on the scene, the group has targeted 4 companies including a large retail store in Russia as well as improving on its toolset in an attempt to thwart analysis and antivirus detection. The group became active in November 2018 with attacks
RedCurl The Corporate Espionage Hacker Group Returns Read More »
The dark web payment portal operated by Conti the ransomware group has gone down in what appears to be a shift to a new infrastructure after details of inner working of the group was made public. According to MalwareHunterTeam, “while both the clearweb and Tor domains of the leak site of the Conti ransomware gang
Conti Ransomware Group Secrets Exposed Read More »
The FBI has disclosed that a yet to be identified threat actor has been exploiting a previously known weakness in the FatPipe MPVPN networking devices at least since May 2021 using it to obtain initial foothold as well as maintain persistent access into the vulnerable networks. This allowed APT actors to gain unrestricted file upload
FBI Releases Alert on Currently Exploited FatPipe VPN Zero-Day Bug Read More »
There has been an increase in the adoption of ransomware as a means of generating revenue for nation-state operators with affiliations with Iran. So far, six threat actors with the West Asian country have been discovered deploying ransomware to achieve their strategic objectives, researchers from Microsoft Threat Intelligence Center (MSTIC) revealed, adding that the ransomware
Microsoft Discloses 6 Iranian Hacking Groups Turning to Ransomware Read More »
A joint advisory warning of active exploitation of Fortinet and Microsoft Exchange Proxyshell has been released by cybersecurity agencies from Australia, U.S and the U.K. Iranian state-sponsored actors are believed to be behind this attacks and are leveraging multiple Fortinets FortiOS vulnerabilities dating back to March 2021 as well as a a remote code execution
Researchers have discovered a hacker-for-hire group called “Void Balaur” which has been linked to strings of cyberespionage and data theft activities targeting politicians, human right activists and government officials since 2015 for financial gain. The group was only recently unmasked when advertisements of its services was cited in a Russia-speaking underground forum dating all the
Researchers Discover “Void Balaur” the Hacker-for-Hire Group Active since 2015 Read More »
Threat actors believed to be affiliated with Iran has been linked to series of targeted attacks aimed at telecommunication operators and internet service providers (ISPs) in Morocco, Saudi Arabia and Isreal and a few ministries of foreign affairs (MFA) in Africa. The group tracked as Lyceum is believed to have occurred between July and October
ISPs and Telecomms are Currently Targets of Iranian Hackers Lyceum Read More »
A Zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN capable of being abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices using root privileges Tracked as CVE-2021-3064 (CVSS score:9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.1.17. This flaw was discovered and reported by Masachusetts-based
Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN Read More »
With the bubble of the Internet comes a plethora of flaws and vulnerabilities available at the disposal of threat actors. There’s a popular saying that as long as there is a system to operate, there’ll be a vulnerability waiting to be exploited. Open Web Application Security Project (OWASP) is an online community which produces articles,
OWASP Top 10 2021 Quick List Review Read More »
