
This Week in Cybersecurity: Sep 18 – Sep 22

Sandman Targets Telecom Providers Across Three Continents

An unknown threat actor, codenamed Sandman, has emerged onto the scene, orchestrating a series of cyber-attacks aimed at telecommunication providers across the Middle East, Western Europe, and the South Asian subcontinent. This elusive adversary has raised concerns due to their utilization of a just-in-time (JIT) compiler for the Lua programming language, known as LuaJIT, to deploy… Read more

Critical Vulnerabilities Discovered in Atlassian Products and ISC BIND Server

Atlassian and the Internet Systems Consortium (ISC) have jointly disclosed a series of security vulnerabilities affecting their respective products. These vulnerabilities have the potential to be exploited, leading to denial-of-service (DoS) attacks and remote code execution (RCE). Atlassian, the Australian software services provider, has addressed four high-severity vulnerabilities in their products. Among them, CVE-2022-25647, with a CVSS score of 7.5, pertains to a… Read more

Vulnerabilities Discovered in Nagios XI Network Monitoring Software

A series of security vulnerabilities have come to light in Nagios XI, a widely used network monitoring software. These vulnerabilities, tracked from CVE-2023-40931 to CVE-2023-40934, have raised concerns regarding potential privilege escalation and… Read more

Venom RAT Spreads Through Fake WinRAR Vulnerability Exploit on GitHub

A malicious actor executed a rather unconventional strategy by releasing a counterfeit proof-of-concept (PoC) exploit for a newly unveiled WinRAR vulnerability on the popular code-sharing platform GitHub. The intent behind this peculiar maneuver was to compromise unsuspecting users who downloaded the… Read more

TransUnion Hacked by the Threat Actor ‘USDoD’

TransUnion, a prominent credit reporting agency, appears to be grappling with a potential data breach incident. A hacker, operating under the alias “USDoD,” has allegedly compromised the personal information of 58,505 customers spanning North and South America, as well as Europe. The breached data reportedly encompasses sensitive details such as… Read more

ALPHV Breaches Australian Law Firm Impacting 65 Government Organizations

In April, a ransomware incident targeted one of Australia’s prominent law firms, HWL Ebsworth, causing a ripple effect across the nation’s cybersecurity landscape. The breach, which exposed 1.45 gigabytes of the firm’s data, was attributed to the Russian-speaking hacking group Alphv, also known as BlackCat. One noteworthy aspect of this breach is the collateral damage incurred by various Australian… Read more

Rusty Flag Campaign Targets Azerbaijan with Rust-Based Malware

A series of targeted attacks centered in Azerbaijan has drawn the attention of experts. This campaign exhibits a distinct characteristic: the deployment of malware crafted in the Rust programming language. Referred to as “Operation Rusty Flag” by the cybersecurity firm Deep Instinct, this initiative has yet to be associated with any known threat actor or group. Read more

ShroudedSnooper Targets Middle East Telecoms with HTTPSnoop Backdoor

In the Middle East, telecommunication service providers face a growing cybersecurity threat in the form of a new intrusion set known as ShroudedSnooper. This malicious campaign employs a stealthy backdoor called HTTPSnoop, designed to infiltrate target systems discreetly and… Read more

Sphynx Encryptor Deployed in BlackCat Ransomware Attack on Azure Storage

The BlackCat (ALPHV) ransomware group has exhibited an evolved modus operandi, leveraging stolen Microsoft accounts and a recently discovered encryptor known as Sphynx to target Azure cloud storage. The attackers have embraced a new variant of the Sphynx encryptor, enhancing it with the capability to employ custom credentials. This newfound versatility allowed the threat actors to gain unauthorized access to… Read more

UNC3944 Threat Actor Shifts to Ransomware Attacks for Financial Gain

Cybersecurity experts have identified a shift in tactics by the financially motivated threat actor known as UNC3944. This group has expanded its monetization strategies, now incorporating ransomware deployment as part of its arsenal. Mandiant, a leading threat intelligence firm, has… Read more

Exploring Man-in-the-Middle Attacks and How to Defend Against Them

In an era defined by digital connectivity, where online communication reigns supreme, the realm of cybersecurity threats has evolved into a landscape of unprecedented sophistication. Amidst this evolving threat landscape, the Man-in-the-Middle (MitM) attack emerges as a particularly formidable threat, poised to disrupt the operations of organizations worldwide. In this article, we will comprehensively explore MitM attacks. We will dissect their intricate mechanics, delve into the diverse tactics employed by attackers, and illuminate the various guises these attacks can assume. Read more


