8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The 8Base ransomware group has recently altered its modus operandi, deploying a new variant of the Phobos ransomware, delivered via the SmokeLoader malware, in its financially motivated attacks. The shift has been documented by cybersecurity researchers at Cisco Talos, who have observed an uptick in the group's activity.
- Published in News
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
The well-known Lazarus Group has evolved, with one faction now setting up deceptive platforms that masquerade as skill assessment portals, part of its new social engineering tactics. Tracked by Microsoft as Sapphire Sleet, the faction's shift marks a change in the group's long-running methods. Sapphire Sleet, also recognized as APT38, BlueNoroff, CageyChameleon, and CryptoCore, is notorious for
- Published in News
Google’s New “Independent Security Review” Badge: Enhancing App Safety in Play Store
In an age where we rely heavily on mobile applications for many aspects of our daily lives, ensuring their security is paramount. Google is taking a significant step to bolster app safety in the Play Store by introducing the “Independent Security Review” badge. This badge is designed to provide users with more information about
- Published in News
Signal App Refutes Alleged Zero-Day Flaw Amidst Security Debates
Signal, the renowned encrypted messaging app, has firmly pushed back against recent reports of an alleged zero-day vulnerability in its software. The company says it conducted a thorough investigation and found no concrete evidence to substantiate the claim. In a series of messages posted on the social media platform X (formerly Twitter), Signal emphasized that
- Published in News
Persistent Cyber Campaign “Stayin’ Alive” Targets High-Profile Asian Government and Telecom Entities
In a noteworthy development, a cyber campaign known as “Stayin’ Alive” has been actively targeting prominent government and telecom organizations across Asia since 2021. The campaign, discovered by cybersecurity firm Check Point, is characterized by its deployment of basic backdoors and loaders to deliver more advanced malware in subsequent stages. Key targets of this campaign
- Published in News
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
Ukraine, a nation that has been no stranger to cyber threats, is again in the spotlight. The Ukrainian Computer Emergency Response Team (CERT-UA) has recently reported a series of cyberattacks targeting the country’s telecommunications providers. This alarming development raises concerns about critical infrastructure security and underscores the need for robust cybersecurity measures. In this blog
- Published in News
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
In a recent cybersecurity incident, Microsoft has shed light on a thwarted cyber attack in which hackers made an unsuccessful attempt to breach a cloud environment through an SQL Server instance. The attack began with the exploitation of an SQL injection vulnerability in a particular application. This initial foothold granted unauthorized access and escalated
- Published in News
API Security Trends 2023 | Have Organizations Improved their Security Posture?
What are APIs? Application programming interfaces are the backbone of modern software applications, enabling communication and data exchange between different systems and platforms. They give developers an interface to interact with external services, allowing them to integrate various functionalities into their applications. However, this increased reliance on APIs has also
- Published in News
After an OPSEC blunder, North Korean nation-state actors were exposed in the JumpCloud hack
North Korean nation-state actors linked to the Reconnaissance General Bureau (RGB) have been connected to the JumpCloud hack after an operational security oversight exposed their IP address. The Google-owned threat intelligence firm Mandiant attributes the activity to UNC4899, which overlaps with the clusters tracked as Jade Sleet and TraderTraitor. These actors
- Published in News
The new malware ‘Letscall’ uses voice traffic routing to send audio
A warning has been issued regarding a sophisticated form of voice phishing (vishing) called “Letscall” that specifically targets individuals in South Korea. The technique deceives victims into downloading malicious apps from a website imitating the Google Play Store. Once installed, the malware redirects the victim's incoming calls to a call center operated by criminals who pose
- Published in News