Advanced threat predictions for 2022
Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict...
Tagged: Threat
New side channel attack resurrects DNS poisoning threat
The research on the vulnerability, designated CVE-2021-20322, was presented Wednesday by researchers at the ACM Conference on Computer and Communications Security in South Korea. click here to read full Article Read more on Malware...
Server-side vulnerabilities in Concrete CMS put thousands of websites under threat
Multiple security vulnerabilities in a popular open source content management system (CMS) could allow a malicious attacker to gain full control of the underlying web server. click here to read full Article Read more...
Resecurity brings dark web and threat intelligence to AWS Marketplace
Resecurity announced their cybersecurity risk management and monitoring solution is now available on Amazon’s AWS Marketplace. AWS Marketplace is a curated digital catalog with over 10,000 products that makes it easy for organizations to...
Three Threat Groups Found Interconnected to a Common Broker
BlackBerry discovered that actors behind MountLocker, Phobos, and the StrongPity APT are dependent on a common initial access broker, dubbed Zebra2104, for their malware campaigns. The broker has helped criminals break into the networks...
AzureHunter – A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started 1. Check that you have the right O365 Permissions The following roles are required...
Iranian threat actors attempt to buy stolen data of US organizations, FBI warns
The FBI issued a private industry notification to warn industry partners that Iran-linked threat actors are attempting to buy stolen information belonging to US businesses and organizations abroad. click here to read full Article...
Navigating The Threat Landscape 2021 – From Ransomware to Botnets
Though we are recovering from the worst pandemic, cyber threats have shown no sign of downshifting, and cybercriminals are still not short of malicious and advanced ways to achieve their goals. The Global Threat Landscape...
Gamaredon Threat Group Allegedly Linked to Russia
Ukraine agencies disclosed the details, including the real names, of the members of the Gamaredon group and linked its activities with Russia’s FSB. According to the report, the group allegedly carried out around 5,000 cyberattacks...
New Threat Group Exploits Zoho Flaws in U.S Orgs
Palo Alto Networks discovered that Emissary Panda, a hacking group with ties to China, is exploiting Zoho software flaws in the networks of at least nine organizations in the defense, energy, technology, healthcare, and...
API sprawl: A threat you might want to address later, but you can’t ignore it
F5 announced a report which analyzes the serious threat to business and the economy posed by the global proliferation of APIs. When APIs gained widespread adoption in the early 2000s, they were primarily viewed...
Threat actor exploits MS ProxyShell flaws to deploy Babuk ransomware
Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware. click here to read full Article...
Cybersecurity threat landscape growing in sophistication, complexity and impact
The 9th edition of the ENISA Threat Landscape (ETL) report released by the European Union Agency for Cybersecurity highlights the surge in cybercriminality motivated by monetization using ransomware or cryptojacking. It covers a period...
DECAF Ransomware: A New Golang Threat Makes Its Appearance
Morphisec Labs has identified a new strain of ransomware, implemented in Go 1.17 and named DECAF. The first version, which includes symbols and test assertion, was identified in late September. click here to read...
Utilities Face Growing Global Cyber Threat Landscape
The global electric utility sector is facing an increasingly dangerous cyberthreat landscape, even though there hasn’t been a publicly witnessed disruptive attack over the past five years. click here to read full Article Read...
Trickbot Grows Fierce, Joins Hands With New Threat Groups
The TrickBot gang reportedly added two affiliates dubbed Hive0106 (aka TA551) and Hive0107 to inflict attacks on corporate networks. Looking at the rise in attack attempts, researchers urge enabling multi-factor authentication as a top...
