Feb 22, 2023Ravie LakshmananExploitation Framework / Cyber Threat An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an … [Read more...] about Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
attacks
Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks
Feb 20, 2023Ravie LakshmananMobile Security / Zero Day Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks. The South Korean chaebol said the solution "preemptively" secures users' devices by "limiting exposure to invisible threats disguised as image … [Read more...] about Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
Feb 11, 2023Ravie LakshmananThreat Response / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could … [Read more...] about CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
Feb 08, 2023Ravie LakshmananThreat Intelligence / Cyber War The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with the agency … [Read more...] about CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Feb 04, 2023Ravie LakshmananEnterprise Security / Ransomware VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on … [Read more...] about New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
Dec 23, 2022Ravie LakshmananCyber Espionage / Pakistani Hackers A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK … [Read more...] about Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies … [Read more...] about New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
Microsoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland
Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat cluster that shares overlaps with the Russian state-sponsored Sandworm group. The attacks, which were disclosed by the tech giant last month, involved a strain of previously undocumented malware called Prestige and is said to … [Read more...] about Microsoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland
How can I help protect my company from phishing attacks?
I’m sure you’ve seen them — emails or messages that sound alarming and ask you to act quickly. We live in a digital world that produces hundreds of messages and alerts every day. It’s often hard to determine the validity of a suspicious message or phishing email. Whether you are an administrator, or an end-user, it can be overwhelming to accurately identify a malicious message. … [Read more...] about How can I help protect my company from phishing attacks?
BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics
The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or the delivery of next-stage payloads such as ransomware, cybersecurity company Trellix said in a report published last week. Primary targets … [Read more...] about BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics