Cisco Has Been Hacked by Yanluowang Ransomware Group
Blog Cisco’s corporate network was breached by the Yanluowang ransomware group Cisco has confirmed that the Yanluowang ransomware group has breached the company’s network and that the actor has attempted to extort the stolen files under threat of leaking them online. Cisco said on May 24, 2022 that it became aware of a possible compromise. […]
USA Offers $10M Bounty for Providing Information on the Conti Ransomware Gang
Blog A Reward for Information About The Conti Ransomware Group USA Offers $10M Bounty for Providing Information on the Conti Ransomware Gang. As part of the Justice Awards program, the US State Department announced that a $10 million reward will be offered for information on five high-ranking Conti ransomware members, including the first reveal of […]
PyPI Package ‘secretslib’ Drops Fileless Cryptominer to Linux Systems
Blog PyPI Package ‘secretslib’ PyPI Package ‘secretslib’ Drops Fileless Cryptominer to Linux Systems. A PyPI package named “secretslib” has been identified by Sonatype, which describes itself as “secret mapping and verification made easy”. The package secretly runs cryptominers in the memory of the Linux machine, a technique largely used by fileless malware and cryptominers. Secretslib […]
Microsoft Has Disrupted SEABORGIUM Phishing Operation
Blog Seaborgium Phishing Operation The Microsoft Threat Intelligence Center (MSTIC) has taken action and taken measures to disrupt the campaigns launched by the SEABORGIUM actor, which has been tracked since 2017. SEABORGIUM is a threat actor with goals aligned with the interests of the Russian state. SEABORGIUM is a threat actor that often targets the […]
Kaspersky Published a Report on Malicious Browser Extensions
Blog Malicious Browser Extensions Kaspersky’s report highlights the rise of malicious browser extensions that steal cryptocurrency and perform web injects. Kaspersky analyzed threat statistics by processing data voluntarily shared by its users for the period from January 2020 to June 2022. According to this data, during the first half of this year, 1,311,557 users tried to […]
13 Organizations Targeted by Chinese-Linked APT41 and a New Wave of Cobalt Strike Infections
Blog APT41 APT41, one of the state-sponsored ex-hacker groups, breached government networks in six US states in March 2022, including by exploiting a vulnerability in a livestock management system, according to Mandiant researchers. Cybersecurity firm Group-IB’s investigations resulted in nearly 80 proactive notifications of APT41 attacks against their infrastructure to private and government organizations worldwide. […]
WordPress Sites Hacked with Fake Cloudflare DDoS Alerts
Blog WordPress Sites Hacked with Fake Cloudflare DDoS Alerts: Attackers are tricking users into downloading malware. WordPress Sites Hacked DDoS protection pages typically verify whether the site visitor is actually a human or part of a Distributed Denial of Service (DDoS) attack or other unwanted bot. Bad bots make up a large portion of web […]
CISA Warning Against Active Exploitation of Palo Alto Networks’ PAN-OS Vulnerability
Blog This blog is about CISA’s warning regarding the active exploitation of a Palo Alto Networks PAN-OS vulnerability. PAN-OS vulnerability. CISA added Palo Alto Networks PAN-OS to its Catalog of Known Exploited Vulnerabilities based on evidence of active exploitation This critical vulnerability is tracked with code CVE-2022-0028 (CVSS: 8.6 High). The vulnerability is the misconfiguration […]
Iranian Threat Actor MERCURY Exploits Log4j 2 Vulnerabilities in Unpatched Systems
Blog The Iranian threat actor MERCURY has been exploiting unpatched Log4j 2 vulnerabilities in SysAid applications to target organizations, highlighting the critical need for timely security updates. The Iranian threat actor MERCURY The Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team found that Iran-based threat actor MERCURY exploited Log4j 2 vulnerabilities in […]
LastPass Password Manager with 25 Million Users Hacked
Blog LastPass Password Manager Hacked, compromising encrypted password vaults and personal information of its 25 million users. LastPass Password Manager Hacked LastPass, one of the world’s largest password managers, has confirmed that it has been hacked. The company revealed that threat actors stole some of the company’s source code and some proprietary LastPass technical information. […]