Iranian Threat Actor MERCURY Exploits Log4j 2 Vulnerabilities in Unpatched Systems

Iranian Threat Actor MERCURY Exploits Log4j 2 Vulnerabilities in Unpatched Systems

Blog The Iranian threat actor MERCURY has been exploiting unpatched Log4j 2 vulnerabilities in SysAid applications to target organizations, highlighting the critical need for timely security updates. The Iranian threat actor MERCURY The Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team found that Iran-based threat actor MERCURY exploited Log4j 2 vulnerabilities in […]

LastPass Password Manager with 25 Million Users Hacked

This image is about the LastPass password manager hacked.

Blog LastPass Password Manager Hacked, compromising encrypted password vaults and personal information of its 25 million users. LastPass Password Manager Hacked LastPass, one of the world’s largest password managers, has confirmed that it has been hacked. The company revealed that threat actors stole some of the company’s source code and some proprietary LastPass technical information. […]

Chinese Threat Actors APT40 Targets Energy Sector in Australia and the South China Sea

This image is about APT40 targeting the energy sector in Australia and the South China Sea.

Blog APT40, a Chinese state-sponsored hacking group, targets Energy Sector in Australia and the South China Sea. Chinese Threat Actors APT40 The Chinese state-owned threat actor, APT40, targets Australian government agencies, Australian media companies and manufacturers that maintain wind turbine fleets in the South China Sea. Cybersecurity firm Proofpoint, which works in collaboration with PwC, […]

Akira: Undetectable Stealer Unleashed

This image is about Akira, an undetectable stealer.

Blog Introduction A new Stealer named Akira has been put up for sale on Telegram. It has the following features: Password grabber Cookies grabber Bookmarks grabber Crypto wallets and 2fa extensions dump (Grabs 💸 Zcash, 🚀 Armory, 📀 Bytecoin, 💵 Jaxx, 💎 Exodus desktop/extension, 📉 Ethereum, 🔨 Electrum, 🕹 AtomicWallet, 💹 Guarda, ⚡️ Coinbase, 🦊 […]

TA558 APT Group Uses Malicious Microsoft Compiled HTML Help Files

This image is about TA558 APT group using malicious Microsoft Compiled HTML Help files.

Blog The TA558 APT advanced persistent threat group has been observed utilizing malicious Microsoft Compiled HTML Help (.chm) files to deliver malware payloads, targeting sectors such as hospitality and travel. Who is TA558 APT? TA558, a financially-motivated cybercrime group, has been targeting the hospitality, travel, and related industries located in Latin America, North America, and […]

Phishing Attack Targeting Turkish Companies

This image is about a phishing attack targeting Turkish companies.

Blog Phishing Attack Targeting Turkish Companies: Turkish companies have been targeted by a phishing campaign involving emails with malicious attachments disguised as RFQ files. Phishing Attack Phishing mail targeting Turkish companies has been detected.  Mail attachment contains an RFQ file. Normally, a request for quotation (RFQ) is a company’s document to request pricing and packaging […]

What is “Cyber Threat”?

This image is about the concept of a cyber threat.

Blog The “cyber threat” refers to actions that are deemed malicious and are carried out deliberately or inadvertently by; hackers, criminals, business rivals, spies, dissatisfied workers, organized crime groups, and hactivist societies, in order to obtain unauthorized access, interrupt infrastructure, intercept classified data, and/or share data with third parties. Phishing, 0-day attacks, APT (Advanced Persistent […]

Who is DarkSide Ransomware Group?

This image is about the DarkSide ransomware group.

Blog Who is DarkSide Ransomware Group? FBI claims attack on the Colonial Pipeline has been attributed to DarkSide Ransomware, a kind of new ransomware family that emerged on the crimeware market at the beginning of  November 2020. DarkSide is a Ransomware-as-a-Service with the stated goal of targeting ‘large corporations.’ They are primarily focused on recruiting […]

REvil Ransomware Malware Analysis 

This image is about REvil ransomware malware analysis.

Blog REvil ransomware Dive into the technical analysis of REvil ransomware, detailing its encryption methods, attack vectors, and the strategies. 1. Overall Summary The REvil (also known as Sodinokibi) is a Ransomware-as-a-Service (RaaS). The first attack of REvil in the middle of April 2019, got huge attention from the Cyber Security world due to sharing […]