New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

Exploiting UI Automation: A New Threat

A newly devised technique exploits a Windows accessibility framework called UI Automation (UIA). This technique allows malicious actors to perform various harmful activities while remaining undetected by endpoint detection and response (EDR) solutions. Security experts are raising alarms about this emerging threat, as it poses risks to both individual…

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

New ZLoader Malware Variant: A Sneak Peek at ZLoader 2.9.4.0

Cybersecurity researchers have recently discovered an upgraded version of the notorious ZLoader malware, known as ZLoader 2.9.4.0. This latest iteration employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications. This development underscores the ongoing evolution of ZLoader, with its threat actors honing their…

Microsoft MFA AuthQuake Flaw: The Silent Threat of Unlimited Brute-Force Attempts

Critical Vulnerability in Microsoft MFA

Cybersecurity researchers have identified a critical vulnerability in Microsoft’s multi-factor authentication (MFA) implementation. This flaw allows attackers to bypass MFA effortlessly, granting unauthorized access to victim accounts. Fortunately, understanding the issue can help users and organizations adopt preventive measures.

What is Multi-Factor Authentication?

Multi-factor authentication adds an extra layer of…

Top 10 Cybersecurity Threats to Watch Out For in 2021

Cyber Attacks Linked to China-Based Threat Actors

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. This cyber espionage campaign is notable for its extensive reach, impacting various sectors. The targets include government ministries in two different countries, an…

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Introduction: New Cyber Surveillance Tool Uncovered

Cybersecurity researchers have identified a new surveillance program believed to be employed by Chinese police departments. This tool, referred to as EagleMsgSpy, is a lawful intercept software designed to extract a wide variety of information from mobile devices. Its discovery raises significant concerns about privacy and state surveillance. Since…

"Microsoft's Latest Security Update: Patching 72 Flaws, Including Critical CLFS Vulnerability"

Microsoft's December Patch Tuesday: A Critical Update

Microsoft closed out its Patch Tuesday updates for 2024 with significant attention to security. The company addressed 72 security flaws across its software portfolio, one of which has been actively exploited in the wild. This update underscores the importance of vigilance in digital security as vulnerabilities can lead…

Top 10 Cybersecurity Threats You Need to Know in 2021

The U.S. government recently unsealed charges against a Chinese national accused of a significant cyber breach that affected thousands of Sophos firewall devices worldwide in 2020. Guan Tianfeng, also known by his online handles gbigmao and gxiaomao, is believed to have had ties with Sichuan Silence Information Technology Company, Limited. The charges brought against him…

Ivanti's Crucial Updates for CSA and Connect Secure Vulnerabilities

Ivanti Issues Critical Security Updates: Addressing Privilege Escalation and Code Execution Flaws

Ivanti has recently announced important security updates that tackle multiple critical vulnerabilities within its Cloud Services Application (CSA) and Connect Secure products. These vulnerabilities present serious risks, including privilege escalation and potential code execution threats. Organizations using these services should act swiftly to…

Secure Your Systems: Cleo File Transfer Vulnerability Alert and How to Protect Your Data

Urgent Security Warning for Cleo Users: Protect Your File Transfer Software

Recent reports indicate a significant risk for users of Cleo-managed file transfer software. Cybersecurity firm Huntress has discovered that threat actors are exploiting a vulnerability affecting fully patched systems. This situation escalated on December 3, 2024, urging all users to take immediate action to…
