TetrisPhantom: APAC Governments Targeted in Cyber Espionage Campaign via Secure USBs
A recently uncovered espionage campaign, TetrisPhantom, has set its sights on government entities across the Asia-Pacific (APAC) region. Discovered by cybersecurity experts at Kaspersky in early 2023, the campaign utilizes a discreet method of infiltrating highly secure networks…
D-Link Confirms Breach After Employee Falls Victim to Phishing Attack
D-Link, a prominent Taiwanese networking equipment manufacturer, disclosed a security breach stemming from a network infiltration. The breach exposed a compilation of data, including the source code for D-Link’s D-View network management software and a trove of customer and employee information, raising concerns about cybersecurity practices in the company…
Henry Schein Cyber Attack Confirmed, Attackers Take Down Website
On October 15, 2023, Henry Schein, a prominent healthcare retail company, confirmed a cyberattack, raising concerns over potential compromise of consumer and employee data. The incident, detected on October 14, targeted the company’s manufacturing and distribution sectors. The cyber assailants prompted Henry Schein to take immediate action, involving law enforcement and engaging…
CERT-UA Reports: UAC-0165 Hits 11 Ukrainian Telecom Providers with POEMGATE and POSEIDON Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) exposed the activities of threat actors, codenamed UAC-0165, who orchestrated disruptions across 11 telecommunication service providers in the country from May to September 2023. The incursions began with a reconnaissance phase, where the assailants scanned telecom networks to…
Critical Flaw Discovered in Cisco’s IOS XE Software
Cisco, a stalwart in the networking equipment domain, recently uncovered a critical security flaw nestled within its IOS XE software. Tracked as CVE-2023-20198, this zero-day vulnerability emerges from the web UI feature and has attained the ominous maximum severity rating of 10.0 on the CVSS scoring system.
Demystifying SIEM: A Beginner’s Guide to Security Information and Event Management
In the complex world of cybersecurity, defending against evolving threats is paramount. Explore the power of Security Information and Event Management (SIEM) in our concise guide. Discover its core components, functions, and its pivotal role in fortifying digital defenses. Whether you’re a cybersecurity pro or a newcomer, gain actionable insights that transcend the basics. Elevate your defense strategy—read the guide now and fortify your digital assets against cyber threats.
Exploitation of WinRAR Vulnerability Unleashes Phishing Blitz
Cybersecurity analysts recently uncovered a strategic move by pro-Russian hacking groups capitalizing on a newly exposed security loophole in the widely-used WinRAR archiving utility. The exploit forms a crucial component of an elaborate phishing campaign designed to extract sensitive credentials from compromised systems.
Healthcare Industry Alert: ‘NoEscape’ RaaS Gang Poses Significant Threat, Warn Federal Agencies
Federal authorities have issued a warning to the healthcare and public health sector regarding the emergence of NoEscape, a relatively recent multi-extortion ransomware-as-a-service group. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highlights NoEscape as a formidable adversary that has been conducting aggressive attacks across various industries since May 2023.
ToddyCat Enhances Toolkit for Stealthy Data Exfiltration
In the ever-evolving landscape of cyber threats, the advanced persistent threat (APT) actor, ToddyCat, has resurfaced with a novel array of malicious tools, providing a glimpse into their evolving tactics and capabilities. Kaspersky, a prominent cybersecurity entity, has unearthed these developments, following its initial exposure of ToddyCat last year in connection with…
PEAPOD RAT Targets Women in Political Leadership
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also believed to be associated with Cuba ransomware.
Guardio Labs Unveils Stealthy EtherHiding Campaign on Binance’s Smart Chain
In a recent revelation, Guardio Labs has identified a sophisticated malware campaign leveraging Binance’s Smart Chain (BSC), marking a notable advancement in what experts are terming the “next level of bulletproof hosting.” While their initial method of hosting code on abused Cloudflare Worker hosts was taken down, they’ve quickly pivoted to take advantage of…