Access:7 Supply Chain Vulnerability Impacting ATMs, Medical and IoT Devices

As many as seven vulnerabilities have been disclosed in PTC’s Axeda software which could be weaponized to access medical and IoT devices without authorization. Popularly known as Access:7, the weaknesses, 3 of which are rated Critical in severity, have the potential to affect over 150 device models spanning over 100 different manufacturers which makes it […]

Xenomorph Android Banking Trojan Now Spreading on Google Play Store

A new Android trojan has been observed being distributed via the official Google Play Store with the goal of targeting 56 European banks and harvesting sensitive information from compromised devices. The trojan has been nicknamed Xenomorph and has been noticed to share overlaps with another banking trojan tracked under the moniker Alien while

Taiwanese Financial Trading Sector Suffers Cyber Attack by Chinese Hackers

Hackers aligned with the objectives of the Chinese government have been linked to an organized supply chain attack on Taiwan’s financial sector. These attacks commenced at the end of November 2021, with the intrusions attributed to a threat actor tracked as APT10, also known as Stone Panda, the MenuPass group and Bronze Riverside, and known

Microsoft Takes Steps to Disable Macros in Office Apps by Default to Block Malware Attacks

Microsoft announces plans to disable Visual Basic for Applications (VBA) macros by default across its products, including Word, Excel, PowerPoint, Access and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. “Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads

New Techniques Adopted By SolarMarker To Maintain Presence On Hacked Systems

As threat actors continuously change their patterns, the operators of the SolarMarker information stealer and backdoor have been discovered to be leveraging stealthy tricks to establish long-term persistence on compromised systems. This was spotted by cybersecurity firm Sophos, which observed that the remote access implants are still being detected on targeted networks despite the

Secret Backdoors Discovered In WordPress Plugins and Themes

In another software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were backdoored with malicious code in September 2021 with the goal of infecting further sites. This gave attackers full administrative control over websites that used 40 themes and 53 plugins belonging to AccessPress Themes, a Nepal-based company that

Researchers Discover Strategic Similarities Between NotPetya and WhisperGate Attacks

The wiper malware which attacked dozens of Ukrainian agencies earlier this month has been analysed, revealing “strategic similarities” to the NotPetya malware that was unleashed against the country’s infrastructure and elsewhere in 2017. WhisperGate, as it has been called, was discovered by Microsoft last week, which said it observed the destructive cyber campaign targeting government,

Interpol Arrests 11 Members of a Nigerian Cybercrime Gang

11 members of a Nigerian cybercrime gang known for perpetrating business email compromise (BEC) have been apprehended in a coordinated law enforcement operation. This comes after a ten-day investigation dubbed Operation Falcon II undertaken by Interpol along with participation from the Nigeria Police Force’s Cybercrime Police Unit in December 2021. Group-IB and Palo Alto

Europol Shuts Down VPNLab Popularly Used By Cybercriminals

The popular VPNLab.net service, used by malicious actors to deploy ransomware, has been taken offline following a coordinated law enforcement operation. Europol stated that it took action against the misuse of the VPN service by grounding 15 of its servers on January 17, thus rendering it inoperable, as part of a disruptive action that took place

Researchers Discover 3 WordPress Plugins Leaving 84,000 Websites Vulnerable To Attack

Three WordPress plugins have been discovered to be affected by a security shortcoming which gives a malicious actor the opportunity to take over vulnerable websites. An attacker could update arbitrary site options on a vulnerable site, provided they could trick a site administrator into clicking a link or performing some other action. Tracked as CVE-2022-0215, the
