Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

Gamaredon’s Tactics: Leveraging Cloudflare Tunnels for Malware Distribution

The threat actor known as Gamaredon has been actively observed using Cloudflare Tunnels to hide its staging infrastructure, where it hosts the malware called GammaDrop. This activity is part of a broader spear-phishing campaign aimed at Ukrainian entities, which has been ongoing since early 2024. According to…

Unveiling the $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. This malware poses a significant risk, employing advanced techniques that allow it to evade discovery while stealing sensitive data from users. What is DroidBot? DroidBot is a state-of-the-art remote…

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Understanding Vulnerability Management

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, VM helps organizations identify and address potential security issues before they escalate into serious problems. However, the limitations of this approach have become increasingly evident in recent years. In this blog post,…

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Europol's Major Operation Against Manson Market

Europol has taken a significant step in the fight against online fraud. On Thursday, the agency announced the shutdown of a clearnet marketplace known as Manson Market. This platform facilitated large-scale online fraud, affecting countless individuals and businesses. The operation, primarily led by German authorities, has resulted in the…

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Understanding the Mitel MiCollab Vulnerability

Cybersecurity researchers have recently discovered a serious security flaw within Mitel MiCollab. This flaw, identified as CVE-2024-41713, carries a high CVSS score of 9.8. It allows attackers to exploit a weakness in the system to gain access to sensitive files from vulnerable instances. This poses a significant risk to organizations…

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

Understanding the Earth Minotaur Threat Activity Cluster

A new and previously undocumented threat activity cluster, known as Earth Minotaur, is making waves in cybersecurity discussions. This cluster utilizes the MOONSHINE exploit kit to deliver a dangerous backdoor called DarkNimbus. The targets of these operations include minorities such as Tibetans and Uyghurs, indicating a troubling trend…

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Vulnerability Management (VM) is a vital aspect of organizational cybersecurity. It helps organizations identify and fix security issues before they escalate into serious threats. While Vulnerability Management has served as a fundamental approach for many years, the limitations of this method are becoming clear. In today’s rapidly changing cyber landscape, it’s essential to adapt and…

Top IT Security Practices to Protect Your Business from Cyber Attacks

Cybersecurity Alert: Major U.S. Organization Targeted by Chinese Threat Actor

A suspected Chinese threat actor targeted a large U.S. organization earlier this year in a significant cybersecurity intrusion. According to Symantec, a Broadcom subsidiary, the first signs of this malicious activity were detected on April 11, 2024, and the attack persisted for four months, concluding…

Finding Your Fort Knox: Tips for Securing Your IT Systems and Data

MirrorFace: A New Spear-Phishing Campaign Targeting Japan

In June 2024, a China-linked threat actor known as MirrorFace launched a spear-phishing campaign primarily targeting individuals and organizations in Japan. This campaign has raised concerns due to its focus on delivering malicious backdoors such as NOOPDOOR (also known as HiddenFace) and ANEL (also known as UPPERCUT). According…

CISA Issues Urgent Alert: Critical Security Vulnerabilities in Zyxel, ProjectSend, and CyberPanel

Security Flaws Identified in Zyxel, North Grid Proself, ProjectSend, and CyberPanel: What You Need to Know

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added several critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws affect products from companies like Zyxel, North Grid Proself, ProjectSend, and CyberPanel. This alarming news indicates that…
