December 20, 2023 Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. …
Are We Ready to Give Up on Security Awareness Training? Read More »
December 20, 2023 The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also tracked under the monikers Boggy Serpens, Cobalt Article …
Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa Read More »
December 20, 2023 The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. “PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577,” Malwarebytes’ Jérôme Segura said. The malware family, …
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software Read More »
December 20, 2023 The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This vulnerability allows remote authenticated Article posted by: …
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware Read More »
December 20, 2023 The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and …
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide Read More »
December 20, 2023 Ethical Hacking Course in Dubai Continue reading on Medium » Article posted by: https://medium.com/@vinsystraining/ethical-hacking-training-ceh-course-in-dubai-43eefa7bc43c?source=rss——cehv12-5 ——————————————————————————————————————– Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India Contact us – https://www.infocerts.com
December 19, 2023 Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. “An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) …
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits Read More »
December 19, 2023 Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud. These applications contain a wealth of …
December 19, 2023 The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of delivering “specific distributor needs,” but also makes it more potent, Check Point said& …
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges Read More »
December 19, 2023 Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams. The defendants – Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, Rosemead, California; and Hailong Zhu, 40, Naperville, Illinois – have been …
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam Read More »
