Cybercriminals Target LatAm Banks: Mekotio, BBTok Lead the Charge
Phishing scams are rapidly evolving in Latin America, bringing back notorious banking Trojans like Mekotio, BBTok, and Grandoreiro. According to a recent report from Trend Micro, these cybercriminal...
Unmasking PackXOR: The FIN7 Packer Exposed
HarfangLab published an in-depth analysis of a newly identified private packer dubbed “PackXOR,” a tool used by threat actors, including the notorious FIN7 group. Initially observed as part of the...
MindsDB Fixes Critical CVE-2024-24759: DNS Rebinding Attack Bypasses Security...
MindsDB, the widely-used open-source platform for building AI applications, has patched a severe security vulnerability that could allow attackers to bypass security measures and launch a variety of...
Beware the Drive-By Download: LummaC2 Stealer and Malicious Chrome Extension...
A new and sophisticated malware campaign has been detected by eSentire’s Threat Response Unit (TRU), leveraging DLL side-loading to distribute the LummaC2 stealer and a malicious Chrome extension. This...
Predator Spyware Roars Back: New Infrastructure, Evasive Tactics
Recently, cybersecurity researchers from Insikt Group have identified a resurgence of Predator spyware infrastructure, previously believed to be largely inactive due to public exposure and U.S....
Fog Ransomware Group Shifts Focus: Financial Sector Now in Crosshairs
The Fog ransomware group, notorious for its attacks on the education and recreational sectors, has set its sights on a new, more lucrative target: the financial services industry. Adlumin, a... The...
Akira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766)
SonicWall has issued a warning: the recently patched critical access control vulnerability, tracked as CVE-2024-40766, is now actively exploited in the wild. The flaw, originally thought to impact only...
BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a new wave of attacks by the BlindEagle APT group, this time zeroing in on the Colombian insurance sector. Utilizing phishing emails...
PoC Exploit Releases for Windows Elevation of Privilege Vulnerability...
A security researcher published the technical details and a proof-of-concept (PoC) exploit for a patched elevation of privilege vulnerability in the Windows Telephony service tracked as CVE-2024-26230....
HAProxy Vulnerability CVE-2024-45506 Under Active Exploit: Urgent Patching...
In the latest security advisory, HAProxy revealed that CVE-2024-45506, a vulnerability in its popular load balancing and proxy software, is now actively exploited. The vulnerability, which has a CVSS...
Critical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to...
Elastic, the company behind the popular open-source data visualization and analytics platform Kibana, has issued a critical security advisory urging users to update immediately to version 8.15.1. Two...
TIDRONE: The Unseen Cyberespionage Threat Targeting Taiwan’s Military and...
A newly identified threat cluster, dubbed TIDRONE, has been actively targeting the Taiwanese military and satellite industries since the beginning of 2024, according to a report from Trend Micro....
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
In a recent report, cybersecurity researchers at Unit 42 have uncovered a novel and concerning tactic employed by the Chinese advanced persistent threat (APT) group Stately Taurus. This group, known...
SpyAgent Malware Targets Crypto Wallets via Image Scanning
McAfee’s Mobile Research Team has issued a warning about a new, sophisticated Android malware campaign dubbed SpyAgent. This insidious malware targets users’ cryptocurrency wallets by scanning images...
New Loki Backdoor Emerges: A Private Agent for Mythic Framework Unveiled
Kaspersky Labs uncovered a new threat: Loki, a sophisticated backdoor that has been deployed in a series of targeted attacks. This backdoor is linked to the open-source Mythic framework, a platform...
ToneShell Backdoor Targets IISS Defence Summit Attendees in Latest Espionage...
Cyber espionage continues to intertwine with global strategy as the ToneShell backdoor, linked to the notorious Mustang Panda group, reemerges. In a recent report from Hunt.io, cybersecurity...
Chinese APT Groups Continue to Leverage Open-Source and Custom Reconnaissance...
The Natto Thoughts team recently uncovered key insights into the reconnaissance techniques used by Chinese state-sponsored threat actors. A deep dive into the tactics of APT41 and other groups such...
FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)
The FreeBSD Project has issued a security advisory warning of a critical vulnerability (CVE-2024-43102) affecting multiple versions of its operating system. This flaw, rated with a maximum CVSS score...
CVE-2024-30051: Windows Elevation of Privilege Flaw Exploited by QakBot...
Security researchers published the technical details and a proof-of-concept exploit (PoC) code for a zero-day vulnerability in Windows, tracked as CVE-2024-30051, which could allow attackers to...
CVE-2024-6342: Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes...
Zyxel has released critical hotfixes for two of its NAS products, NAS326 and NAS542, which have already reached their end-of-vulnerability-support lifecycle. These devices are susceptible to a command...