Critical Vulnerabilities Discovered in SEL’s Power Management Products

In a recent disclosure, Schweitzer Engineering Laboratories (SEL) finds itself in the spotlight, as Nozomi Networks uncovers nine security Vulnerabilities within their electric power management products. These vulnerabilities, ranging in severity from 4.8 to 8.8 on the Common Vulnerability Scoring System (CVSS), present a critical threat to SEL-5030 acSELeratorQuickSet and… Read more

Phishing Attacks Introduce Fresh SideTwist Backdoor and Agent Tesla Variant

APT34, the Iranian threat Actor known by various aliases such as Cobalt Gypsy, Hazel Sandstorm, Helix Kitten, and OilRig, has surfaced in connection with a fresh phishing Campaign. This campaign takes an intricate route, culminating in the deployment of a SideTwist backdoor variant. Notably, APT34 has garnered a reputation for its advanced attack techniques, capable of tailoring intrusion methods to suit diverse targets. Operating in the Middle East since 2014, their primary focus has been… Read more

Smishing Triad Launches Large-Scale iMessage Smishing Campaign in U.S.

Chinese-speaking cybercriminals have launched a iMessage smishing (SMS phishing) campaign in the United States. This campaign involves sending iMessages from compromised Apple iCloud accounts, for identity theft and financial fraud. The orchestrators of this campaign, identified as the Smishing Triad, are involved in a fraudulent package-tracking text scam sent through iMessage. Their goal is to gather… Read more

Vietnamese Cybercriminals Launch Malvertising Attacks on Facebook Business Accounts

Malicious actors linked to the Vietnamese cybercrime landscape are capitalizing on advertising-as-an-entry point on social media platforms, notably Meta-owned Facebook, for propagating malware. Over the past year, cyber-attacks directed at Meta Business and Facebook accounts have surged in prominence. These attacks have been associated with entities like Ducktail and NodeStealer, known for targeting both… Read more

Microsoft Reveals How a Crash Dump Led to Outlook Security Breach

In a recent development, Microsoft disclosed that a threat actor originating from China, identified as Storm-0558, managed to obtain an inactive consumer signing key. This key was then exploited to forge tokens and gain unauthorized access to Outlook, achieved by compromising an engineer’s corporate account. The incident traces back to… Read more

CISA and FBI Warns of Nation-State Hackers Exploiting Fortinet and Zoho Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning on Thursday, highlighting the active exploitation of security vulnerabilities within Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus by multiple nation-state actors. These actors have been utilizing these vulnerabilities to gain unauthorized access to systems and establish a persistent presence. CISA, in collaboration with the Federal Bureau of Investigation (FBI) and Cyber National Mission Force (CNMF), revealed that… Read more

Malvertising Campaign Distributes Atomic Stealer Malware to macOS Users

A fresh malvertising campaign has emerged, shedding light on the ongoing maintenance and distribution of the macOS stealer malware known as Atomic Stealer, or AMOS. This stealthy malware, available for a monthly subscription of $1,000, first surfaced in April 2023. Since then, it has continuously evolved, with newer variants equipped with an expanded arsenal of data-gathering functionalities, specifically targeting… Read more