KrofekSecurity

Cybersecurity experts from Australia, Canada, and the U.S. have raised alarms about a year-long effort by Iranian cyber actors targeting critical infrastructure. The campaign primarily focuses on infiltrating healthcare organizations via brute-force attacks. Since October 2023, these Iranian actors have used brute force and password spraying to compromise user accounts, raising significant concerns about the…

Picture your company’s data as a vast jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. In today’s fast-evolving landscape, keeping your data secure can feel like an impossible challenge. However, there’s a game-changing solution: Data Security Posture Management (DSPM). This innovative approach provides…

Threat Actors Leverage Fake Google Meet Pages in Malware Campaign Cybersecurity threats continue to evolve, and one of the latest tactics involves fake Google Meet web pages. These pages are part of an ongoing malware campaign known as ClickFix, aimed at delivering infostealers to both Windows and macOS systems. French cybersecurity company Sekoia highlighted this…

Apple Addresses Security Flaw in TCC Framework Recently, Microsoft revealed critical information about a security flaw in Apple's Transparency, Consent, and Control (TCC) framework within macOS. This vulnerability, known as CVE-2024-44133 and codenamed HM Surf, may have been exploited by attackers to bypass a user's privacy settings and access sensitive data. Apple has since released…

Understanding the RomCom Cyber Threat Targeting Ukraine and Poland Recent developments have highlighted a concerning trend in cyber warfare. The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks focused on Ukrainian government agencies and unspecified entities in Poland. This activity has been notable since late 2023 and…

Insights into Cicada3301: Emerging Ransomware-as-a-Service Cybersecurity researchers have gained new insights into an emerging ransomware-as-a-service (RaaS) known as Cicada3301. This RaaS operation has gained attention after Singapore-based Group-IB successfully accessed its affiliate panel on the dark web. Understanding this development can help individuals and organizations bolster their defenses against potential ransomware attacks. What is Ransomware-as-a-Service?…

An advanced persistent threat (APT) actor with suspected ties to India has recently increased its activities, targeting high-profile entities and strategic infrastructures in the Middle East and Africa. This cyber threat is significantly concerning as it indicates a rising trend in sophisticated attacks on vital sectors. The activity has been linked to a group known…

Understanding the Growing Risks of Employee-Led SaaS Adoption As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams face a daunting challenge. They must manage the ever-expanding Software as a Service (SaaS) attack surface, much of which remains unknown or unmanaged. This situation greatly…

Federal prosecutors in the United States have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire. This botnet has been responsible for an astonishing 35,000 DDoS attacks in just one year. Notably, some of these attacks targeted widely used services like Microsoft in June 2023. The brothers allegedly leveraged a powerful…