Fortune 1000’s Hidden Threat: 30,000 Exposed APIs and 100,000 API...
The State of API Exposure 2024 report from the Escape team has unveiled a staggering number of exposed and vulnerable APIs within some of the world’s largest organizations. This comprehensive...
Fake Identities, Real Profits: Exposing North Korea’s IT Front Companies
SentinelLabs has exposed a sophisticated network of front companies linked to North Korean IT workers. These entities, operating under the guise of legitimate businesses, were recently disrupted by...
PROSPERO & Proton66: Unmasking the Bulletproof Hosting Connection
In a comprehensive report by Intrinsec, the cybersecurity community is presented with detailed insights into the connection between two Russian autonomous systems (ASNs), PROSPERO (AS200593) and...
Government IDs and Facial Recognition: A New Phishing Threat
A recent report by Harsh Patel and Brandon Cook from the Cofense Phishing Defense Center highlights a dangerous new tactic aimed at exploiting online users by combining phishing for government...
Asyncshell: The Evolution of APT-K-47’s Cyber Arsenal
The Knownsec 404 Advanced Threat Intelligence team has uncovered a sophisticated and evolving threat from the APT-K-47 group, also known as Mysterious Elephant. This South Asia-based Advanced...
WolfsBane: Gelsemium APT Group’s Linux Backdoor Debut
ESET researchers have unveiled WolfsBane, the Linux counterpart to the Windows-based Gelsevirine backdoor, marking a significant milestone in the evolution of the Gelsemium Advanced Persistent Threat...
Russia-Linked TAG-110 Launches Cyberespionage Campaign Across Asia and Europe
Insikt Group, the threat research division of Recorded Future, has uncovered a cyberespionage campaign attributed to TAG-110, a Russia-aligned threat activity group. This campaign, active since at...
Google Docs and Weebly Weaponized in New Phishing Scheme
A recent phishing campaign, uncovered by EclecticIQ researchers, highlights the lengths attackers will go to exploit trusted platforms and infrastructure. Financially motivated threat actors targeted...
CVE-2024-11477: 7-Zip Vulnerability Allows Remote Code Execution, Update Now!
A high-severity vulnerability (CVE-2024-11477) has been discovered in the popular file archiver 7-Zip, potentially allowing attackers to execute malicious code on vulnerable systems. The flaw,...
CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update...
QNAP has issued a security advisory urging users of its QuRouter network appliance to update their devices immediately. The advisory addresses multiple vulnerabilities, including CVE-2024-48860 and...
Unveiling the “Nearest Neighbor Attack”: A Russian APT’s Covert Tactic to...
Volexity, a leading cybersecurity firm, has revealed a novel attack technique employed by the Russian APT group GruesomeLarch (also known as APT28, Fancy Bear, etc.). Dubbed the “Nearest Neighbor...
Malicious npm Packages Exploiting Typosquatting to Inject SSH Backdoors
The developer community should be on alert following the discovery of six malicious npm packages masquerading as popular libraries. According to a recent report by Socket’s threat research team, these...
7 Android & Pixel Vulnerabilities Exposed: Researcher Publishes PoC Exploits
Oversecured, a renowned cybersecurity firm, has unearthed seven vulnerabilities within the Android operating system and Google Pixel devices. Two of these vulnerabilities specifically endangered Google...
Lazarus Group Exploits xattr with “RustyAttr” to Evade Detection
The Lazarus Group, a notorious North Korean cyber espionage collective, has added another stealthy technique to its arsenal: the abuse of xattr, or extended file attributes, in Unix-based systems...
CVE-2023-28461 (CVSS 9.8): Critical Array Networks Vulnerability Added to KEV...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-28461, a high-severity security flaw impacting Array Networks AG and vxAG ArrayOS, to its Known Exploited...
North Korean and Chinese Threat Actors Target Crypto, Aerospace, and...
At CYBERWARCON 2024, Microsoft Threat Intelligence unveiled groundbreaking research on two major nation-state cyber actors: North Korea and China. These revelations provide a closer look at their...
Infostealers VietCredCare and DuckTail Fuel Facebook Business Account...
Vietnam has become a hotspot for malicious operations targeting Facebook Business accounts, with threat actors leveraging infostealers like VietCredCare and DuckTail. According to a report from...
CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes...
A recent report from the Wordfence Threat Intelligence Team has revealed two critical vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin, impacting over 200,000 active installations. These...
Critical Vulnerabilities in QNAP Notes Station 3: Update Now to Protect Your...
QNAP has issued a security advisory regarding multiple critical vulnerabilities in Notes Station 3, a popular application for managing and sharing notes on QNAP devices. These vulnerabilities, with...
PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate...
The PHP development team has released urgent security updates to address multiple vulnerabilities affecting versions prior to 8.1.31, 8.2.26, and 8.3.14. These vulnerabilities range in severity, with...