eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

24/04/2024 0 Comments 0 tags

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting

CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

24/04/2024 0 Comments 0 tags

A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity

Apache Cordova App Harness Targeted in Dependency Confusion Attack

23/04/2024 0 Comments 0 tags

Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before

German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies

23/04/2024 0 Comments 0 tags

German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal

Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery

23/04/2024 0 Comments 0 tags

Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there’s a larger, more

Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases

23/04/2024 0 Comments 0 tags

European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and

Webinar: Learn Proactive Supply Chain Threat Hunting Techniques

23/04/2024 0 Comments 0 tags

In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to

Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware

23/04/2024 0 Comments 0 tags

The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

23/04/2024 0 Comments 0 tags

The U.S. Department of State on Monday said it’s taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members

Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft

22/04/2024 0 Comments 0 tags

The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on