Blog
VMConnect Supply Chain Attack Persists
ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against...
VMConnect Supply Chain Attack Persists
ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against...
VMConnect Supply Chain Attack Persists
ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against...
VMConnect Supply Chain Attack Persists
ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against...
Pennsylvania School District to Stay Open Despite Ransomware Attack
On Thursday, the Chambersburg Area School District published a message on its website and social media channels announcing that it had become yet another K-12 school district attacked by a ransomware gang.
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Central to the attacks is a commercial phishing kit called 0ktapus, which offers pre-made templates to create realistic fake authentication portals and ultimately harvest credentials and MFA codes. It also has a built-in C2 channel via Telegram.
Update: Exploit Released for Critical VMware SSH Authentication Bypass Vulnerability
The proof-of-concept (PoC) exploit targets all Aria Operations for Networks versions from 6.0 to 6.10, and it was developed and released by Summoning Team vulnerability researcher Sina Kheirkhah.
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. “In recent weeks, multiple US-based Okta customers have reported a consistent pattern of social engineering...
Golf Gear Giant Callaway Data Breach Exposes Info of 1.1 Million
Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers. Callaway is an American golf equipment maker and seller.
Golf Gear Giant Callaway Data Breach Exposes Info of 1.1 Million
Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers. Callaway is an American golf equipment maker and seller.
FREE GUIDE