Blog
TA505 Hacker Group Deploys Sneaky RMS Tool in Phishing Campaign
The attackers are using a Remote Management System (RMS) executable to trick victims into downloading malware disguised as banned applications like ExpressVPN, WeChat, and Skype.
Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike
Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor...
Qakbot-Affiliated Actors Distribute Ransom Knight Malware Despite Infrastructure Takedown
Qakbot malware operators have continued their malicious activities, distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails, despite the recent infrastructure takedown.
CISA Pivots Focus to China-Linked Threats Against Critical Infrastructure
The CISA is focusing on the growing threat activity from China, which has become the top nation-state cyber adversary to the U.S., particularly targeting critical infrastructure like rail transportation and energy sectors.
New OS Tool Tells You Who Has Access to What Data
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access...
Lorenz Ransomware Embroiled in its Own Two-Year Data Leak
The leaked data from a misconfigured web server includes names, email addresses, and subject lines of individuals who sought information from Lorenz, spanning from June 2021 to September 2023.
GitHub’s Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack
GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users...
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
The authentication bypass vulnerability in JetBrains TeamCity has already seen exploitation attempts from 74 unique IP addresses, while the privilege escalation flaw in Microsoft Windows CNG Key Isolation Service has no documented exploitation.
Update: Clorox Warns of Quarterly Loss Related to August Cyberattack, Production Delays
Clorox anticipates continued operational strain in the second quarter but hopes to benefit from restocking retailer inventory, while assessing the long-term impact on earnings.
Researchers Warn of 100,000 Industrial Control Systems Exposed Online
The United States, Canada, and Italy are the countries with the highest number of organizations with exposed ICSs, while sectors such as Education, Technology, and Government show the least secure ICS security.
FREE GUIDE