Cisco Vulnerability: CISA Alerts Of Smart Install Exploits
In light of recent cybercrime incidents, the United States (US) Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert pertaining to a Cisco vulnerability. As per recent reports, the Cisco vulnerability prevails within the Smart Install (SMI) feature and can be exploited for access to sensitive data. In this ... Read More
Sitting Ducks Attack: Over 1M Domains At Risk Of Takeover!
In the world of cybercrime, over 1 million domains now face a risk of threat actor-initiated takeover as the Sitting Ducks attack comes to light. As per recent reports, the attack is conducted via an exploitation of a domain name system (DNS) vulnerability and is carried out by Russian cybercriminals ... Read More
Hackers Use BingoMod Android RAT For Fraudulent Transactions
Recent media reports have cited cybersecurity researchers discovering a new Android remote access trojan (RAT) that’s currently referred to as BingoMod. The BingoMod Android RAT is capable of transferring funds from compromised devices and erasing its traces of existence. In this article, we’ll dig into the details of the Android ... Read More
Chrome Protection: App-Bound Encryption For Cookies Added
Ensuring a safe browsing experience for its users, Google has announced that it’s adding a new app-bound encryption layer to Chrome. As per media reports, the added layer will help prevent information-stealing malware from grabbing cookies. In this article, we’ll cover the app-bound encryption layer in detail and see how ... Read More
Windows Backdoor: Threat Actors Exploit BITS As C2 Mechanism
As per recent reports, cybersecurity researchers at Elastic Security Labs have discovered a new Windows backdoor. It leverages a built-in feature called the Background Intelligent Transfer Service (BITS), using it as a command-and-control (C2) mechanism. In this article, we’ll dive into the details of the Windows backdoor and learn about ... Read More
Crypto Malware Python Packages Spreading On Stack Exchange
Recent media reports have shed light on crypto malware that is being distributed via Python packages on a developer Q&A platform, Stack Exchange. The malware, if activated, is capable of draining cryptocurrency wallets belonging to the targeted users. In this article, we’ll focus on how the code works, the malicious ... Read More
CrowdStrike Alert: Phishing Attacks Targets German Customers
In a recent turn of events, CrowdStrike has issued a warning pertaining to an unfamiliar threat actor. According to the CrowdStrike alert, the threat actor aims to capitalize on the CrowdStrike Falcon Sensor update. In this article, we’ll dive deep in the details of the alert and how German customers ... Read More
North Korean Ransomware Attacks: DoJ Indicts Threat Actor
As per recent media reports, the United States (US) Department of Justice (DoJ) released an indictment against a threat actor being deemed responsible for North Korean ransomware attacks. It has been identified that the threat actor is an intelligence operative of the North Korean military. In this article, we’ll learn ... Read More
Google Vulnerability: ConfusedFunctions Leads To Data Access
Cybersecurity researchers, as of recent, have discovered a Google vulnerability impacting the Cloud Functions service. The Google vulnerability being categorized as one pertaining to privilege escalation, has been named ConfusedFunctions. In this article, we’ll dive into the details of the flaw and how it can be exploited by cybercriminals. ConfusedFunctions ... Read More
SmartScreen Flaw Exploited To Deliver Information Stealers
As per recent media reports, a SmartScreen flaw in Microsoft Defender that has now been patched was part of a new campaign-based exploit. The exploit was used to deliver information stealers that include ACT stealer, Meduza, and Lumma. In this article, we’ll explore the flaw in detail, allowing you to ... Read More
