LABRAT Campaign Exploits GitLab Vulnerability for Cryptojacking and Proxyjacking

A sophisticated campaign has come to light, showcasing the strategic utilization of a formerly vulnerable flaw within GitLab as a pivotal element in an intricate scheme involving both cryptojacking and proxyjacking endeavors. Employing concealed signature-based tools to remain off the radar, the attacker leveraged a multipronged arsenal. This included a complex cross-platform malware, fortified command-and-control (C2) tools that… Read more

Bronze Starlight Group Targets Gambling Sector with Cobalt Strike Beacons

An ongoing wave of cyber-attacks with origins traced back to China has set its sights on the Southeast Asian gambling sector, deploying Cobalt Strike Beacons to infiltrate compromised systems. The cybersecurity firm SentinelOne has revealed the strategic methods that indicate the fingerprints of a threat actor known as Bronze Starlight (also recognized as Emperor Dragonfly or Storm-0401). This entity has previously… Read more

Hackers Employ Zulip Chat and Duke Malware for Command and Control in Diplomatic Phishing Attacks

In an ongoing cybersecurity campaign with a strategic focus on NATO-affiliated nations, evidence has emerged implicating Russian threat actors as the orchestrators behind the scenes. Employing a series of phishing attacks, the campaign exploits PDF documents laced with diplomatic ruses, some of which masquerade as originating from Germany. These seemingly benign documents harbor a variant of the Duke malware, attributed to the notorious APT29, also known as… Read more

From Phishing to Ransomware: The 45 Most Common Hacking Methods

Cybersecurity threats are ever-evolving and becoming more sophisticated. Hackers employ a multitude of strategies to exploit vulnerabilities and gain unauthorized access to sensitive information. For industry leaders and IT professionals, it is crucial to understand the most commonly used tactics and techniques to effectively defend against threat actors. Here are the top 45 commonly used hacking methods, with some effective and practical tips on how to strengthen your defenses against them. Read more

Critical Vulnerability Exploited: Over 2,000 Citrix NetScaler Instances Compromised

Approximately 2,000 instances of Citrix NetScaler have fallen victim to a backdoor compromise. This incident arises from the exploitation of a critical security vulnerability, CVE-2023-3519, that was recently disclosed. The breach was executed as part of a large-scale attack, emphasizing the increasing sophistication of cyber adversaries. NCC Group, a renowned cybersecurity firm, indicated that the adversary behind this breach appears to have… Read more

Critical Vulnerabilities in Ivanti Avalanche Puts 30,000 Organizations at Risk

A series of critical security vulnerabilities have emerged within the framework of Ivanti Avalanche, a prominent mobile device management solution adopted by approximately 30,000 corporate entities. These security concerns, collectively designated as CVE-2023-32560 and carrying a significant CVSS score of 9.8, manifest as stack-based buffer overflows inherent to the Ivanti Avalanche WLAvanacheServer.exe version 6.4.0.0. In essence, an assailant devoid of authentication can manipulate… Read more

From Insight to Action: Building the PowerExchange Malware Sigma Rule

As the threat landscape continues to evolve, the need for precise and effective detection mechanisms becomes paramount. This article sheds light on the creation of a Sigma Rule tailored to identify the PowerExchange malware, a sophisticated backdoor known for its covert communication methods and elusive behaviors. By dissecting the unique traits of PowerExchange and distilling them into a comprehensive Sigma rule, we empower security professionals with a potent tool to counter this emerging cyber menace. Read more