Xiū Gǒu Phishing Kit: The ‘Doggo’ of Phishing Campaigns with Global Reach
The Netcraft research team recently revealed details about a new and distinct phishing kit known as “Xiū Gǒu” (修狗). In use since September 2024, this phishing toolkit has been deployed...
Century Systems Routers Vulnerable to Remote Exploitation – CVE-2024-50357...
Century Systems Co., Ltd. has issued a critical security advisory regarding its FutureNet NXR series routers. A vulnerability, tracked as CVE-2024-50357 and assigned a CVSS score of 9.8 (indicating...
GOOTLOADER Malware Continues to Evolve: Google Researchers Uncover Advanced...
Google researchers recently released an in-depth analysis of GOOTLOADER, also known as SLOWPOUR or Gootkit Loader, an obfuscated JavaScript downloader, revealing new tactics employed by...
Pygmy Goat Malware: A Sophisticated Network Device Backdoor Targets Firewalls
In a recent report by the National Cyber Security Centre (NCSC), analysts detailed a new malware threat targeting network devices, dubbed “Pygmy Goat.” This backdoor malware, discovered on Sophos XG...
CVE-2024-43047 & CVE-2024-43093: Android Zero-Days Demand Immediate Patching
In its November 2024 security update, Google has addressed 40 security vulnerabilities in the Android operating system, two of which are flagged as actively exploited: CVE-2024-43047 and...
FBI Warning: “Remember Me” Cookies Put Your Email at Risk
The Federal Bureau of Investigation (FBI) Atlanta Division has issued an urgent warning to the public about a surge in cybercriminals exploiting “Remember-Me” cookies to gain unauthorized access to...
Warning: LastPass Alerts Users to Phishing Scam Using Fake Support Reviews on...
LastPass, a leading password management platform, has issued a critical warning to users about a social engineering campaign targeting its customer base through deceptive reviews on its Chrome Web...
Stealthy Process Injection: New Kernel Callback Table Technique Exposed
A recent blog by security researcher Hossam Ehab has detailed an advanced technique for process injection through manipulation of the Kernel Callback Table within the Process Environment Block (PEB)...
Sri Lanka: New Target for T-APT-04 APT Group
In a recent report by cybersecurity expert Nimantha Deshappriya, details have emerged about a sustained cyber-espionage campaign orchestrated by the advanced persistent threat (APT) group known as...
AWS IAM Roles Anywhere: A Potential Backdoor for Attackers?
In a recent publication, cybersecurity engineer Adan explores a potentially underappreciated security risk in Amazon Web Services (AWS) through the IAM Roles Anywhere feature. Introduced in July 2022,...
Cable: Open-Source, Powerful Tool for Active Directory Post-Exploitation and...
Active Directory (AD) remains a core component of enterprise environments, and as such, understanding its vulnerabilities is crucial for both attackers and defenders. Enter Cable, a streamlined,...
Beyond VPNs and Botnets: Understanding the Danger of ORB Networks
The S2 Research Team at Team Cymru has recently shed light on an escalating threat in the cybersecurity landscape: Operational Relay Box (ORB) networks. Defined as a hybrid between a...
Stealc Malware: The Infostealer Targeting Credentials, Crypto Wallets, and More
In a recent analysis, the SonicWall Capture Labs threat research team revealed the insidious capabilities of Stealc, an infostealer malware designed to steal credentials, cryptocurrency, and other...
Google Chrome Patches Two High-Severity Vulnerabilities: Update Now!
Google has just released an update for its Chrome web browser, addressing two high-severity vulnerabilities that malicious actors could exploit. Users are strongly urged to update their browsers...
LameDuck: A Threat Actor Mixing Politics and Profit with Over 35,000 DDoS...
In a recent report, Cloudflare reveals details about the threat actor LameDuck (Anonymous Sudan), a pro-Islamic, anti-Western group responsible for over 35,000 DDoS attacks against targets worldwide....
Over 1,500 Devices Infected: Android Trojan ToxicPanda Targets Banks in...
In a new report, Cleafy’s Threat Intelligence team has detailed the emergence of a banking trojan known as ToxicPanda, a sophisticated Android malware that has quickly gained prominence by targeting...
New Keylogger Targeting U.S. Organizations Linked to North Korean APT Group...
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Korean APT group Andariel. Known for their...
PoC Exploit Releases for Critical Symlink Flaw in Apple’s iOS – CVE-2024-44258
In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled...
CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover
In a critical security advisory, Cisco has disclosed a command injection vulnerability in its Unified Industrial Wireless Software used for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points....
APT36 Advances with ElizaRAT and ApoloStealer: New Tactics in Espionage...
In a new report, cybersecurity researchers from Check Point detail the evolution of ElizaRAT, a remote access tool (RAT) used by the notorious APT36, also known as Transparent Tribe. The...