FBI Releases Alert on Currently Exploited FatPipe VPN Zero-Day Bug

The FBI has disclosed that a yet-to-be-identified threat actor has been exploiting a previously known weakness in FatPipe MPVPN networking devices since at least May 2021, using it to obtain an initial foothold and to maintain persistent access to vulnerable networks. This allowed APT actors to gain unrestricted file upload


Microsoft Discloses 6 Iranian Hacking Groups Turning to Ransomware

Nation-state operators affiliated with Iran are increasingly adopting ransomware as a means of generating revenue. So far, six threat actors affiliated with the West Asian country have been discovered deploying ransomware to achieve their strategic objectives, researchers from Microsoft Threat Intelligence Center (MSTIC) revealed, adding that the ransomware


Cybersecurity Agencies Release Warnings on Exploitation of Microsoft, Fortinet Flaws by Iranian Hackers

A joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell has been released by cybersecurity agencies from Australia, the U.S. and the U.K. Iranian state-sponsored actors are believed to be behind these attacks and are leveraging multiple Fortinet FortiOS vulnerabilities dating back to March 2021 as well as a remote code execution


Researchers Discover “Void Balaur” the Hacker-for-Hire Group Active since 2015

Researchers have discovered a hacker-for-hire group called “Void Balaur”, which has been linked to a string of cyberespionage and data theft activities targeting politicians, human rights activists and government officials since 2015 for financial gain. The group was only recently unmasked when advertisements of its services were cited in a Russian-speaking underground forum dating all the


ISPs and Telecoms are Currently Targets of Iranian Hackers Lyceum

Threat actors believed to be affiliated with Iran have been linked to a series of targeted attacks aimed at telecommunication operators and internet service providers (ISPs) in Morocco, Saudi Arabia and Israel and a few ministries of foreign affairs (MFA) in Africa. The attacks by the group, tracked as Lyceum, are believed to have occurred between July and October


Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

A zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that an unauthenticated network-based attacker can abuse to execute arbitrary code on affected devices with root privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.1.17. This flaw was discovered and reported by Massachusetts-based


REvil Ransomware Associates Arrested in Global Takedown

Law enforcement authorities in Romania on November 4 arrested two individuals for their roles as affiliates of REvil ransomware. The suspects have been linked to more than 5,000 ransomware attacks and extorted close to $600,000 from victims. The arrest is part of a coordinated operation called GoldDust, which has resulted in the arrest of


Robinhood Trading App Suffers Data Breach of over 7 Million Users’ Account

Robinhood has disclosed a security breach that took place “late in the evening of November 3” and affected over 7 million customers, eventually resulting in unauthorized access to personal information by an unidentified threat actor. The company has, however, stated that the attack has been contained and no Social Security, bank account numbers or debit
