The Tricky Meta Quest Application In the ever-evolving landscape of cyber threats, a new sneaky campaign has emerged to deceive unsuspecting users searching for the Meta Quest application (previously known as Oculus) for Windows. Unfortunately, instead of finding the sought-after application, users are lured into downloading a malicious product known as AdsExhaust. The Malicious Nature…
The U.S. Department of the Treasury Imposes Sanctions on Kaspersky Lab In a significant development, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has recently imposed sanctions on twelve individuals holding executive and senior leadership positions at Kaspersky Lab. This action comes hot on the heels of the Commerce Department’s ban…
The LAUSD Data Breach: A Snowflake Vulnerability Strikes In a recent incident that sent shockwaves through the education sector, the Los Angeles Unified School District (LAUSD) fell victim to a significant data breach. The breach was attributed to a vulnerability in the Snowflake data platform, a popular choice for data storage and analytics. This breach…
New Adware “AdsExhaust” Poses as Oculus Installer In the ever-evolving landscape of cyber threats, a new adware known as “AdsExhaust” has made its appearance, posing as an Oculus installer. This deceptive tactic is designed to lure users into downloading and installing the malware under the guise of a legitimate software application. The Danger of AdsExhaust…
Unveiling SneakyChef: The Chinese-speaking Threat Actor A mysterious threat actor known as SneakyChef has emerged in the cybersecurity landscape, catching the attention of experts for their covert operations. The group, believed to be of Chinese origin based on their language use, has been implicated in a sophisticated espionage campaign targeting government entities across Asia and…
Cybersecurity Researchers Uncover Phishing Campaign Targeting Pakistan Cybersecurity experts have recently revealed the existence of a new phishing campaign called PHANTOM#SPIKE, aimed at individuals in Pakistan. This campaign involves the use of a customized backdoor by unknown threat actors, who have employed military-themed phishing documents to trigger the infection process. Identifying the Threat Securonix, the…
Introducing SOC Automation Capability Matrix by Tines The SOC Automation Capability Matrix (SOC ACM) is the brainchild of John Tuckner and his dedicated team at Tines, an automation and AI-powered workflow platform. This comprehensive tool is crafted to empower security operations teams, enabling them to enhance their automation capabilities and adeptly tackle cybersecurity incidents. A…
Malvertising Campaign Targets Popular Software with Trojanized Installers A recent report by Rapid7 has uncovered a new malvertising campaign that is using trojanized installers for well-known software like Google Chrome and Microsoft Teams. According to the findings, the campaign is delivering a backdoor called Oyster, also known as Broomstick and CleanUpLoader. Sophisticated Tactics by Malvertisers…
The SolarWinds Serv-U Vulnerability In the realm of IT security, there’s always a new challenge on the horizon. Recently, a high-severity flaw was discovered in the SolarWinds Serv-U file transfer software. This vulnerability, known as CVE-2024-28995 and boasting a CVSS score of 8.6, presents a serious risk to users of this software. The Nitty-Gritty Details…
U.S. Department of Commerce Bans Kaspersky Lab’s U.S. Subsidiary In a bold move, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has issued a groundbreaking ban on Kaspersky Lab’s U.S. subsidiary. This ban prevents the subsidiary from directly or indirectly offering its security software within the United States. Additionally, the ban extends…