December 15, 2023 Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. “In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or …

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems Read More »

December 15, 2023 A pro-Hamas threat actor known as Gaza Cyber Gang is targeting Palestinian entities using an updated version of a backdoor dubbed Pierogi. The findings come from SentinelOne, which has given the malware the name Pierogi++ owing to the fact that it’s implemented in the C++ programming language unlike its Delphi- and Pascal-based predecessor. “Recent …

New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities Read More »

December 15, 2023 The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved the use of an updated version of a known …

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders Read More »

December 15, 2023 Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making.  This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths …

Reimagining Network Pentesting With Automation Read More »

December 15, 2023 Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes. It’s notable …

Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks Read More »

December 15, 2023 A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. “GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website content management systems (CMS) to …

New Hacker Group ‘GambleForce’ Tageting APAC Firms Using SQL Injection Attacks Read More »

December 15, 2023 Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting the operators millions of dollars in illicit revenue. …

Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network Read More »

December 14, 2023 The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an “attempt to elevate the perceived authenticity of the initial malicious emails,” cybersecurity firm Abnormal Security said in a report published today. BazaCall (aka BazarCall), which was first Article posted by: …

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception Read More »