All Posts

Crown Equipment Corporation, one of the largest forklift manufacturers in the world, employing 19,600 people and having 24 manufacturing plants in 14 locations worldwide, recently confirmed a significant cyberattack that disrupted its operations for weeks. The Attack and Immediate Response On June 9th, Crown Equipment’s network was breached by an international cybercriminal organization. The company’s […]

A recent cyberattack on CDK Global has caused a significant disruption in car dealerships across the United States. This cyber incident has brought thousands of car dealerships to a standstill, impacting their operations severely. Here is a detailed account of what transpired and the implications for the affected businesses. The Scope of the Attack CDK […]

In February 2024, EclecticIQ cybersecurity researchers discovered phishing campaigns targeting financial institutions using embedded QR codes in PDF attachments to redirect victims to phishing URLs. Recently, these campaigns have begun using a Phishing-as-a-Service (PhaaS) platform known as ONNX Store, which now targets both Microsoft 365 and Office 365 email accounts. The platform enables phishing attacks […]

Overview of BadSpace Malware BadSpace is a sophisticated Windows backdoor malware that attackers deliver through compromised websites, especially those built on WordPress. This malware uses a multi-stage attack chain involving infected websites, command-and-control (C2) servers, fake browser updates, and a JScript downloader to infiltrate victims’ systems. Infection Chain: How BadSpace Infiltrates Systems According to German […]

A new, highly sophisticated phishing campaign has been detected by Trustwave that leverages HTML attachments to exploit the Windows search protocol, delivering malware through batch files hosted on remote servers. This article summarizes the mechanisms of the attack, mitigation measures, and insights into preventing such threats. Phishing Campaign Overview Researchers at Trustwave cybersecurity firm have […]

Cybersecurity researchers at eSentire have uncovered a sophisticated phishing attack leveraging the More_Eggs malware, disguised as job resumes. This tactic, identified over two years ago, continues to threaten organizations significantly. Recently, attackers targeted an unnamed company in the industrial services sector, underscoring the ongoing evolution of cyber threats and the need for heightened vigilance among […]

Cybersecurity researchers at ThreatFabric have uncovered a macOS variant of the LightSpy spyware, previously known for targeting iOS and Android devices. This development highlights the extensive reach and sophistication of this surveillance tool. LightSpy, a modular framework, has evolved to infiltrate various platforms, posing significant threats to user privacy and security. Origins and Evolution First reported […]

Advance Auto Parts, a major U.S. automotive aftermarket parts provider, has fallen victim to a significant data breach. Cybercriminals, operating under the handle “Sp1d3r,” claim to have stolen 3 terabytes of data from the company’s Snowflake cloud storage account. The stolen dataset, now being offered for sale at $1.5 million, includes vast amounts of sensitive […]

RansomHub, a nascent yet prolific ransomware-as-a-service (RaaS) operation, has recently come into the limelight due to its rapid rise and significant impacts. Cybersecurity researchers have traced its origins back to the now-defunct Knight ransomware, itself a rebrand of the Cyclops ransomware. RansomHub has a short history and operated mainly as a data theft and extortion […]

In today’s interconnected digital world, cyber attacks have become an ever-present threat targeting individuals, businesses, and governments alike. Understanding the different types of cyber attacks is crucial for organizations and individuals to effectively mitigate risks and protect themselves against potential breaches. Here, we delve into 20 of the most common types of cyber attacks with […]

Okta, a leading cybersecurity company specializing in identity and access management, has issued a warning about ongoing credential stuffing attacks targeting its Customer Identity Cloud (CIC) feature, particularly its cross-origin authentication. These attacks have been observed since April 15, 2024, affecting numerous customers. Credential stuffing is a type of cyber attack where threat actors use […]

Microsoft has recently unveiled a new North Korean state-aligned threat actor named Moonstone Sleet, previously known as Storm-1789. This group is implicated in a series of sophisticated cyber attacks, blending traditional techniques with innovative methodologies to target various sectors, including software, IT, education, and defense. Moonstone Sleet’s operations highlight the evolving landscape of cyber threats […]

The digital landscape is rapidly evolving, bringing both unprecedented opportunities and new threats. Among the most concerning of these threats is the Distributed Denial of Service (DDoS) attack, particularly a novel variant known as DNSBomb discovered by researchers from the Tsinghua University in Beijing, China. This powerful and practical pulsing DoS attack exploits DNS queries […]

In February 2024, U.S. pharmaceutical giant Cencora, formerly known as AmerisourceBergen, suffered a significant cyberattack leading to a major data breach. The attack compromised the personal and highly sensitive medical information of individuals associated with eight prominent drug companies that partner with Cencora for pharmaceutical and business services. Details of the Data Breach The data […]

A malicious crypto mining campaign codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner. Researchers at the cybersecurity firms Elastic Security Labs and Antiy have underlined the unusual sophistication of these crypto-mining attacks in separate reports and shared detection rules to help […]

With the rise of artificial intelligence, new features are continually being introduced to enhance user experience. The new Microsoft’s Recall feature, which captures screenshots of your active screen every few seconds and analyzes them using AI, exemplifies this trend by promising to enhance productivity with innovative AI-driven functionalities. However, despite its groundbreaking potential, this technology […]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a significant security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog. This action underscores the critical nature of the vulnerability, which has already seen active exploitation in the wild. The flaw, identified as CVE-2023-43208, has a serious impact due to […]

In a landmark case, The U.S. Department of State and U.S. Department of Justice have charged an Arizona woman, Christina Chapman, and an Ukranian man who, along with three unidentified foreign nationals, allegedly assisted North Korean IT workers in remotely working for US companies under false US identities. This scheme facilitated foreign IT workers in […]

A newly discovered vulnerability in the IEEE 802.11 WiFi standard, known as CVE-2023-52424, poses significant risks to network security. This flaw, dubbed the SSID Confusion attack, allows malicious actors to trick devices into connecting to less secure networks, thereby enabling eavesdropping type of attacks. The SSID Confusion Attack Researchers have identified a critical design flaw […]

Cybercriminals have now identified a new vector for ransomware attacks by leveraging the Windows Quick Assist feature. Consequently, this emerging threat, primarily driven by a group known as Storm-1811, employs sophisticated social engineering techniques to deploy the notorious Black Basta ransomware. Therefore, understanding these tactics and implementing effective cybersecurity measures are crucial to mitigating these […]