State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two...
New Malware Families Found Targeting VMware ESXi Hypervisors
Threat actors have been found deploying never-before-seen post-compromise implants in VMware's virtualization software to seize control of infected systems and evade detection.
Google's Mandiant...
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its...
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social...
Why Organisations Need Both EDR and NDR for Complete Network Protection
Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work....
New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons
A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons...
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation.
"The first vulnerability,...
New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to...
Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware
A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money...
Five Steps to Mitigate the Risk of Credential Exposure
Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by...
Latest article
US Senator Introduces ‘No Digital Dollar Act’ to Prohibit Treasury and the Fed From...
A U.S senator has introduced the “No Digital Dollar Act to prohibit the U.S. Treasury and the Federal Reserve from interfering with Americans...
SEC Charges 2 Firms and 4 Individuals in Crypto Pump-and-Dump Scheme – Regulation Bitcoin...
The U.S. Securities and Exchange Commission (SEC) has taken action against two firms and four individuals allegedly perpetrating a crypto pump-and-dump scheme. “Although...
Web3 and Crypto Checking Account Startup Juno Raises $18M, Airdrops Reward Token JCOIN –...
Juno, the Singapore-based Web3 crypto firm that offers customers checking accounts tied to crypto assets, has raised $18 million in a Series A...
