Cybersecurity Alert: New Variant of Stealer Malware Discovered Background In a recent development, cybersecurity researchers have unearthed an updated version of a familiar stealer malware. Implicated individuals tied to the Democratic People’s Republic of Korea (DPRK) have been deploying this malware in previous cyber espionage efforts, especially focusing on job seekers. Malware Description The specific…
FIN7 Expands Tactics with AvNeutralizer Tool The notorious FIN7 cybercriminal group, infamous for its financially motivated attacks, has recently ventured into new territory by using multiple pseudonyms on various underground forums. These aliases have been employed to promote a tool, AvNeutralizer (also known as AuKill), designed to disrupt security solutions commonly used by ransomware groups…
The FBI Warning of Growing SIM Swap Attacks in 2022 In the ever-evolving landscape of cyber threats, the FBI issued a warning in 2022 about the increasing prevalence of SIM swap attacks. These attacks involve gaining control of a victim’s phone number, which can then be used as a gateway to access email accounts, bank…
Chinese Group APT17 Strikes Italian Targets with 9002 RAT In the realm of cybersecurity, the latest buzz involves an unwelcome visitor named APT17—a group linked to China notorious for wreaking havoc. It seems this villainous entity has set its sights on Italian businesses and government institutions, unleashing a variant of the notorious 9002 Remote Access…
Microsoft Reveals Scattered Spider Cybercrime Group’s New Tactics Microsoft recently uncovered some alarming developments in the world of cybercrime. The notorious Scattered Spider group, known for its sophisticated social engineering tactics, has upped its game by incorporating ransomware strains like RansomHub and Qilin into its arsenal. A Notorious Threat Actor Scattered Spider is not your…
Apache HugeGraph-Server Vulnerability Exploited by Threat Actors In the world of cybersecurity, keeping an eye on the latest vulnerabilities is crucial to staying ahead of potential threats. One such recent concern is the exploitation of a critical security flaw in the Apache HugeGraph-Server. This vulnerability, known as CVE-2024-27348 and carrying a high CVSS score of…
Unraveling the Konfety Ad Fraud Operation Details about a significant ad fraud scheme have recently come to light, shedding light on a malicious operation that exploits hundreds of apps available on the Google Play Store. This sophisticated campaign, named Konfety after the Russian word for Candy, utilizes a mobile advertising software development kit (SDK) linked…
Identity-Based Threats on SaaS Applications In the realm of IT security, identity-based threats on Software as a Service (SaaS) applications have become a major concern for security professionals. The rise of these threats has put a spotlight on the importance of detecting and responding to such risks promptly and effectively. The Dangers of Phishing The…
The Changing Tactics of the Iranian MuddyWater Threat Actor Iran’s notorious state-sponsored hacking group, MuddyWater, is notorious for its sophisticated cyber-attacks on various targets. In a recent turn of events, cybersecurity firms Check Point and Sekoia have discovered that MuddyWater has modified its tactics by incorporating a novel backdoor into its latest attack campaign. This…
Cybersecurity Threat Unveiled on npm Package Registry Recently, cybersecurity researchers uncovered a troubling discovery on the npm package registry. Two seemingly innocent packages, namely img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy, were found to house hidden backdoor codes. These codes had the alarming capability of executing malicious commands that were initiated from a remote server. Unveiling the Threat The…