Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that “Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period,” Check Point

Tagged under: , , , , , , , , ,

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are part

Tagged under: , , , , , , , , , , , , , , , , , , , , , , , ,

Three Ways To Supercharge Your Software Supply Chain Security

Section four of the “Executive Order on Improving the Nation’s Cybersecurity” introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan

Tagged under: , , , , , , , ,

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

In a recent analysis, Palo Alto Networks Unit 42 researcher Chema Garcia revealed a targeted cyber threat affecting organizations in the Middle East, Africa, and the United States. The unknown threat actor is distributing a sophisticated backdoor named Agent Racoon, developed using the .NET framework. The malware exploits the domain name service (DNS) protocol to

Tagged under: , , , , , , , , , , , , , , , , , , , , , ,

Signal App Refutes Alleged Zero-Day Flaw Amidst Security Debates

Signal, the renowned encrypted messaging app, has firmly pushed back against recent reports of an alleged zero-day vulnerability in its software. The company conducted a thorough investigation and stated that it found no concrete evidence to substantiate the claim. In a series of messages posted on social media platform X (formerly Twitter), Signal emphasized that

Tagged under: , , , , , , , , ,

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks

Ukraine, a nation that has been no stranger to cyber threats, is again in the spotlight. The Ukrainian Computer Emergency Response Team (CERT-UA) has recently reported a series of cyberattacks targeting the country’s telecommunications providers. This alarming development raises concerns about critical infrastructure security and underscores the need for robust cybersecurity measures. In this blog

Tagged under: , , , , , , , , , , , , , ,

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

In a recent cybersecurity incident, Microsoft has shed light on a thwarted cyber attack, where hackers made an unsuccessful attempt to breach a cloud environment through an SQL Server instance. The assault kicked off with the exploitation of an SQL injection vulnerability present in a particular application. This initial breach granted unauthorized access and escalated

Tagged under: , , , , , , , , ,

The new malware ‘Letscall’ uses voice traffic routing to send audio

A warning has been issued regarding a sophisticated form of voice phishing (vishing) called “Letscall” that specifically targets individuals in South Korea. This advanced technique involves deceiving victims into downloading malicious apps from a fake Google Play Store website. Once installed, the malware redirects incoming calls to a call center operated by criminals who pose

Tagged under: ,

A Mexican hacker uses Android malware to attack global banks

An e-crime actor, known as Neo_Net, has been identified as the perpetrator of an Android mobile malware campaign targeting global financial institutions, with a specific focus on Spanish and Chilean banks. The campaign, which occurred between June 2021 and April 2023, resulted in the theft of over 350,000 EUR and the compromise of Personally Identifiable

Tagged under:

Diicot expands tactics with Cayosin Botnet, from crypto-jacking to DDoS attacks

Cybersecurity researchers have uncovered new information about the Romanian threat actor Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. Diicot, also known as Mexals, was initially discovered in July 2021 and was linked to a cryptojacking campaign. Recent analysis shows that Diicot is now using an off-the-shelf botnet agent called Cayosin, indicating its

Tagged under: