Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
In a recent analysis, Palo Alto Networks Unit 42 researcher Chema Garcia revealed a targeted cyber threat affecting organizations in the Middle East, Africa, and the United States. The unknown threat actor is distributing a sophisticated backdoor named Agent Racoon, developed using the .NET framework. The malware exploits the domain name service (DNS) protocol to
- Published in News
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
More details have emerged about a malicious Telegram bot called Telekopye that’s used by threat actors to pull off large-scale phishing scams. “Telekopye can craft phishing websites, emails, SMS messages, and more,” ESET security researcher Radek Jizba said in a new analysis. The threat actors behind the operation – codenamed Neanderthals – are known to run the criminal enterprise as a
- Published in News
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
A subgroup within the infamous Lazarus Group, recognized as Sapphire Sleet, has recently altered its modus operandi by employing a variant of the Phobos ransomware in its financially motivated cyberattacks. This strategic shift has been documented by cybersecurity researchers at Cisco Talos, who have observed an uptick in activities carried out by these cybercriminals. Sapphire
- Published in News
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
The well-known Lazarus Group has evolved, with a faction now setting up deceptive platforms masquerading as skill assessment portals, part of their new social engineering tactics. Identified by Microsoft as Sapphire Sleet, this alteration marks a change in the group’s persistent methods. Sapphire Sleet, also recognized as APT38, BlueNoroff, CageyChameleon, and CryptoCore, is notorious for
- Published in News
Google’s New “Independent Security Review” Badge: Enhancing App Safety in Play Store
Introduction: In an age where we rely heavily on mobile applications for various aspects of our daily lives, ensuring their security is paramount. Google is taking a significant step to bolster app safety in the Play Store by introducing the “Independent Security Review” badge. This badge is designed to provide users with more information about
- Published in News
Signal App Refutes Alleged Zero-Day Flaw Amidst Security Debates
Signal, the renowned encrypted messaging app, has firmly pushed back against recent reports of an alleged zero-day vulnerability in its software. The company conducted a thorough investigation and stated that it found no concrete evidence to substantiate the claim. In a series of messages posted on social media platform X (formerly Twitter), Signal emphasized that
- Published in News
Persistent Cyber Campaign “Stayin’ Alive” Targets High-Profile Asian Government and Telecom Entities
In a noteworthy development, a cyber campaign known as “Stayin’ Alive” has been actively targeting prominent government and telecom organizations across Asia since 2021. The campaign, discovered by cybersecurity firm Check Point, is characterized by its deployment of basic backdoors and loaders to deliver more advanced malware in subsequent stages. Key targets of this campaign
- Published in News
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
Ukraine, a nation that has been no stranger to cyber threats, is again in the spotlight. The Ukrainian Computer Emergency Response Team (CERT-UA) has recently reported a series of cyberattacks targeting the country’s telecommunications providers. This alarming development raises concerns about critical infrastructure security and underscores the need for robust cybersecurity measures. In this blog
- Published in News
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
In a recent cybersecurity incident, Microsoft has shed light on a thwarted cyber attack, where hackers made an unsuccessful attempt to breach a cloud environment through an SQL Server instance. The assault kicked off with the exploitation of an SQL injection vulnerability present in a particular application. This initial breach granted unauthorized access and escalated
- Published in News
API Security Trends 2023 | Have Organizations Improved their Security Posture?
What are APIs? APIs, known as application programming interfaces, are the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their applications. However, this increased reliance on APIs has also
- Published in News