All Posts


Foxit PDF Reader design flaw exposes users to potential exploitation
As digital transformation accelerates, the sophistication of cyber threats has also increased. Recent discoveries by Check Point Research have brought to light a significant vulnerability in Foxit PDF Reader, a popular software used by over 700 million users worldwide. This flaw has been exploited by threat actors to deliver malware via booby-trapped PDF documents. Overview […]
May 15, 2024
The Growing Threat of AI-Powered Phishing and Vishing Attacks
In today’s digital landscape, cybercriminals continuously adapt their tactics to exploit vulnerabilities and gain unauthorized access to sensitive information. One emerging threat is AI-powered vishing (voice phishing) and deepfake phishing attacks. Utilizing machine learning algorithms, these sophisticated attacks can deceive even the most cautious individuals. AI-Powered Phishing Attacks Phishing traditionally involves deceptive emails, messages, or […]
May 14, 2024
Black Basta Ransomware Threat and Impacts
Federal agencies and cybersecurity experts have issued urgent warnings about the Black Basta ransomware group, which has targeted over 500 organizations across North America, Europe, and Australia since April 2022. This ransomware-as-a-service (RaaS) operation has breached numerous private industry and critical infrastructure sectors, causing severe disruptions and significant financial losses. One of the most notable […]
May 13, 2024
Photographed IDs, Fabricated Images, and Selfie Spoofing Prevail in Document-Based Identity Theft
The increasing prevalence of identity document fraud, especially in today’s digital landscape, has made it essential to implement advanced verification systems to thwart fraudulent activities. As of 2023, the most prevalent method of such fraud was the “document image-of-image” technique, identified in 63% of all rejected IDs. This type of fraud involves using […]
May 10, 2024
New TunnelVision Attack Enables VPN Traffic Hijacking Through DHCP Tampering CVE-2024-3661
The security flaw known as “TunnelVision,” officially registered under CVE-2024-3661, represents a significant threat to the integrity of VPN (Virtual Private Network) communications. This vulnerability leverages a DHCP (Dynamic Host Configuration Protocol) option, specifically the classless static route option 121, to manipulate VPN traffic. This manipulation occurs when an attacker sets up a rogue DHCP […]
May 9, 2024
Ascension Health System Faces Major Cybersecurity Incident, Operations Disrupted
Ascension, one of the largest private healthcare systems in the United States, experienced significant disruptions in its clinical operations due to a suspected cybersecurity incident. This major nonprofit health system, which operates 140 hospitals and 40 senior care facilities across 19 states including the District of Columbia, reported unusual activity on its technology networks on […]
May 8, 2024
Critical Security Flaw Exposes Over 50,000 Tinyproxy Instances to Remote Code Execution Risk
Nearly 52,000 instances of Tinyproxy, a popular open-source HTTP and HTTPS proxy server, are currently exposed to a severe security threat identified as CVE-2023-49606. This critical remote code execution (RCE) vulnerability affects primarily Tinyproxy services that are widely used by small businesses, public WiFi providers, and individual users who favor its efficiency and minimal resource […]
May 7, 2024
Exploiting Trust: How Cybercriminals Use Microsoft Graph API for Stealthy Command-and-Control Operations
Cybersecurity researchers at the Symantec Threat Hunter Team, part of Broadcom, have noticed a troubling trend where multiple hacking collectives, including APT28, REF2924, Red Stinger, Flea, APT29, and OilRig, are increasingly exploiting Microsoft Graph API for malicious activities. These groups have been using Microsoft’s cloud services, like OneDrive, to host their command-and-control (C2) infrastructure, effectively […]
May 6, 2024
Dropbox Sign Compromised: Extensive Customer Data Breach Affects All Users
Dropbox has confirmed a significant breach of its Dropbox Sign service (formerly HelloSign), which compromised a wide range of customer information, including emails, usernames, phone numbers, hashed passwords, and various authentication details like API keys, OAuth tokens, and multi-factor authentication setups. The breach, identified on April 24, 2024, also exposed the email addresses and names […]
May 6, 2024


Exploitation of Windows DOS-to-NT Vulnerabilities Allows for Unprivileged Rootkit-Like Access
In new research, SafeBreach’s Or Yair has unveiled significant security vulnerabilities in the Windows DOS-to-NT path conversion process. These findings, which Yair presented at the Black Hat Asia conference, illustrate how attackers could potentially achieve rootkit-like capabilities without requiring administrative permissions. Understanding the DOS-to-NT Path Conversion Vulnerability During a typical operation where a Windows […]
Apr 22, 2024


LastPass Warning: Beware of CryptoChameleon Phishing Attacks Targeting Password Vaults
LastPass is alerting its users to a malicious campaign employing the CryptoChameleon phishing kit, notorious for cryptocurrency theft. Researchers have identified CryptoChameleon as a sophisticated phishing kit initially used against Federal Communications Commission (FCC) employees through counterfeit Okta single sign-on (SSO) pages. Security experts at Lookout have found that this phishing kit has also compromised […]
Apr 19, 2024
The availability of affordable ransomware on the dark web is revolutionizing the methods employed by hackers.
Since June 2023, cybersecurity observers have detected a surge in affordable ransomware offerings, termed “junk gun” ransomware, on the dark web. These tools are the product of independent developers and represent a shift away from the decade-long dominance of the ransomware-as-a-service (RaaS) model in the cybercriminal ecosystem. Sophos X-Ops has documented 19 distinct junk gun […]
Apr 18, 2024
Cisco Issues Alert: Global Brute-Force Campaign Targets VPN and SSH Services
Cisco Talos has issued a warning about a massive credential brute-force campaign that targets VPN and SSH services on devices worldwide. The campaign, which started on March 18, 2024, uses a mix of valid and generic employee usernames to crack the correct login credentials. Once the attackers gain access, they can hijack devices or infiltrate […]
Apr 16, 2024
Cisco Duo Reports Security Breach: Hackers Steal VoIP and SMS Logs in Multi-Factor Authentication Hack
Cisco Duo recently warned that hackers breached the security of their telephony provider on April 1, 2024, stealing some customers’ VoIP and SMS logs used for multi-factor authentication (MFA) messages. This cyberattack targeted an unnamed provider that handles Cisco Duo’s SMS and VoIP MFA message services. Cisco Duo, a major multi-factor authentication and Single Sign-On […]
Apr 15, 2024
Apple Urges Immediate Action for iPhone Users Targeted by Global Mercenary Spyware Attacks
Apple has issued a warning to iPhone users across 92 countries about a mercenary spyware attack targeting their devices remotely. The company expresses high confidence in the warning and urges users to take immediate action. According to a notification shared, the spyware attempts to compromise iPhones linked to specific Apple IDs. The notification also refers […]
Apr 11, 2024
Rust Standard Library Vulnerability CVE-2024-24576 Threatens Windows Users
Researchers have discovered a critical vulnerability in the Rust standard library, posing a significant threat to Windows users. The flaw, identified as CVE-2024-24576, could potentially allow attackers to stage command injection attacks on unsuspecting users. With a CVSS score of 10.0, the vulnerability’s severity is at its maximum, highlighting the urgent need for attention and […]
Apr 10, 2024


Attackers Deploy Multi-Stage Malware Through Invoice Phishing Using Obfuscation Tools
Cybersecurity researchers recently uncovered a complex multi-stage attack that targets users with invoice-themed phishing emails to deploy a variety of malware, including Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a crypto wallet stealer. Attackers attach Scalable Vector Graphics (SVG) files to emails, which initiate the malware infection process upon opening, according to a technical […]
Apr 9, 2024
HHS Alert: Cybersecurity Threats Targeting IT Support in Healthcare and Public Health Sector
The U.S. Department of Health and Human Services (HHS) has raised an alarm over an ongoing assault by cybercriminals targeting IT help desks in the Healthcare and Public Health (HPH) sector. These attackers, observed by the Health Sector Cybersecurity Coordination Center (HC3), wield sophisticated social engineering tactics to infiltrate the health sector’s defenses. Their strategy […]
Apr 8, 2024


From PDF Software to Malicious Code: Fake Adobe Acrobat Reader Setups Spread Byakugan Malware
Cybercriminals are distributing a new multi-functional malware named Byakugan through fake Adobe Acrobat Reader installers. The attack begins with a PDF file in Portuguese that displays a blurry image and prompts users to download a fake Reader application to see the content more clearly. Fortinet FortiGuard Labs reported that clicking on the provided link downloads […]
Apr 5, 2024
Thread Hijacking: How Phishing Scams Exploit Your Curiosity
In the constantly changing world of cyber threats, thread hijacking stands out as a clever strategy that uses human curiosity to trap its victims. This advanced phishing technique takes control of ongoing email conversations, becoming a sinister threat that requires our immediate attention. By learning how these cyber predators operate, we can defend ourselves against […]
Apr 4, 2024
