OneDrive Phishing Attack Exposes Users to Malicious PowerShell Script – Stay Protected!

Cybersecurity Alert: New Phishing Campaign Targeting Microsoft OneDrive Users
Cybersecurity researchers have uncovered a devious phishing campaign that specifically aims at users of Microsoft OneDrive, attempting to infiltrate their systems through the execution of a malicious PowerShell script.
Social Engineering at Play
According to Rafael Pena, a security researcher at Trellix, the campaign is heavily…

Uncovering the Latest VMware ESXi Vulnerability Exploited by Ransomware Groups

Exploited Security Flaw in VMware ESXi Hypervisors
A critical security flaw in VMware ESXi hypervisors, known as CVE-2024-37085, has recently been identified and actively exploited by multiple ransomware groups. This vulnerability has a CVSS score of 6.8 and allows threat actors to bypass Active Directory integration authentication. By exploiting this flaw, attackers can gain elevated…

Critical Flaw in Acronis Cyber Infrastructure Exposed – Stay Safe!

Cybersecurity Company Acronis Warns of Critical Security Flaw in ACI Product
Acronis, a leading cybersecurity company, recently raised red flags about a critical security vulnerability that has been identified and patched in its Acronis Cyber Infrastructure (ACI) product. The alarming issue is related to remote code execution, a serious threat in the cybersecurity realm, and…

Discover the Impacts of the Proofpoint Email Routing Flaw on Millions of Spoofed Phishing Emails

Unknown Threat Actor Exploits Email Routing Misconfiguration in Proofpoint’s Defenses
An unidentified threat actor recently orchestrated a large-scale scam campaign by taking advantage of an email routing misconfiguration in the email security vendor Proofpoint’s defenses. This malicious entity sent out millions of messages masquerading as legitimate companies, thanks to an exploit in Proofpoint’s system. The…

Stargazer Goblin Unleashes Malware with 3,000 Fake GitHub Accounts

Uncovering the Stargazer Goblin: A Tale of Cyber Intrigue
In the world of cybersecurity, there’s always a new threat lurking around the corner. Meet the notorious Stargazer Goblin, a threat actor who has cunningly devised a network of inauthentic GitHub accounts to fuel a sophisticated Distribution-as-a-Service (DaaS) scheme. This devious operation entails spreading a variety…

How to Protect Against Gh0st RAT Trojan Targeting Chinese Windows Users

Gh0st RAT and Gh0stGambit: A Lethal Combination
The notorious remote access trojan Gh0st RAT has resurfaced, this time in collaboration with an “evasive dropper” known as Gh0stGambit. This lethal combination is being used in a sophisticated drive-by download scheme that specifically targets Chinese-speaking Windows users. The threat actors behind this operation are cunning and have…

Operation PlugX Purge: French Authorities Take Down Malware Menace

“French Authorities Partner with Europol to Combat PlugX Malware”
French judicial authorities have joined forces with Europol to conduct a large-scale operation aimed at eliminating the PlugX malware from compromised hosts. Known for its malicious activities, PlugX has caused havoc across various countries, prompting this collaborative effort between the Paris Prosecutor’s Office and Europol. The…

Breach Alert: macOS Targeted with Malicious PyPI Package for Google Cloud Credentials Theft

Cybersecurity Threat on PyPI Repository: lr-utils-lib Malware Overview
Recently, cybersecurity researchers unearthed a troubling cybersecurity threat on the Python Package Index (PyPI) repository. Dubbed “lr-utils-lib,” this malicious package was specifically designed to target Apple macOS systems. Its main objective? To pilfer users’ Google Cloud credentials from a select group of potential victims.
Insights
This deceptive…

AI-Powered Cybercrime Service: Phishing Kits Bundle with Malicious Android Apps

Spanish-Speaking Cybercrime Group GXC Team Elevates Malware-As-A-Service Game
A cybercrime crew known as the GXC Team is making some waves in the digital underworld by combining phishing kits with dodgy Android apps. This shady tactic is pushing the boundaries of the malware-as-a-service (MaaS) realm, showing an evolution in their devious methods.
Group-IB’s Insight into the…
