Overview of VeilShell and Threat Actor Activity Threat actors with ties to North Korea have been delivering a new, previously undocumented backdoor and remote access trojan (RAT) called VeilShell. This malicious software is part of a broader campaign that seems to target Cambodia and potentially other Southeast Asian countries. The activity has been named SHROUDED#SLEEP…
INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria, targeting phishing scams and romance cyber fraud. This initiative, termed Operation Contender 2.0, is aimed at curbing cyber-enabled crimes in West Africa. Phishing scams are becoming increasingly common, with one recent event causing significant financial losses for Swiss citizens. The operation reflects…
easyWAF od F5 Networks je napreden rešitev, zasnovana za poenostavitev in izboljšanje varnosti spletnih aplikacij v različnih okoljih, vključno s cloudom, lokalnimi strežniki in robnimi lokacijami. V tem blogu bomo raziskali značilnosti, prednosti in pomen easyWAF ter poudarili njegovo vlogo v razvijajočem se svetu kibernetske varnosti. Uvod v easyWAF V današnjem digitalnem okolju so spletne…
Major Crackdown on LockBit Ransomware Operation A new wave of international law enforcement actions has recently unfolded, leading to four arrests and the takedown of nine servers linked to the LockBit ransomware operation. This group, also known as Bitwise Spider, was previously notorious for its financially motivated cybercrimes. Law enforcement’s decisive moves mark a significant…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a significant security flaw affecting Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog. This move comes after evidence emerged showing that the flaw is actively exploited in the wild. The vulnerability, identified as CVE-2024-29824, has been assigned a high CVSS score of 9.6…
Zlonamerni akter je prevzel odgovornost za vdor v več uglednih izraelskih ustanov, kar sproža resne skrbi glede kibernetske varnosti v tem ključnem sektorju. Ta alarmantna novica, ki jo je delil uporabnik DailyDarkWeb na družbenem omrežju X, se nanaša na občutljive informacije, ki naj bi bile ogrožene v izraelskem vladnem in obrambnem sektorju. Domnevne tarče: Vlada…
Behind the Scam: Understanding Fake Trading Apps and Investment Fraud A large-scale fraud campaign has recently come to light, revealing how fake trading apps have been used to defraud victims. Published on both the Apple App Store and Google Play Store, these deceptive applications have also appeared on various phishing sites. According to findings from…
CeranaKeeper: New Threat Actor Targeting Southeast Asia A previously undocumented threat actor, CeranaKeeper, has been linked to a series of data exfiltration attacks specifically targeting Southeast Asia. Slovak cybersecurity firm ESET observed these campaigns hitting governmental institutions in Thailand, which began in 2023. They have attributed this activity group to China, and the tools used…
Growing Threat: Spear-Phishing Campaigns Targeting Recruiters Recent events have revealed a spear-phishing email campaign that targets recruiters, using a deceptive tactic aimed at tricking them into downloading malicious files. This campaign features a JavaScript backdoor known as More_eggs. Such attacks signify persistent threats aimed at specific sectors, presenting fake job applicant lures that mask their…
New Security Vulnerabilities in DrayTek Routers A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek. These vulnerabilities could be exploited to take over susceptible devices. According to Forescout, "These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them…