Dec 21, 2023NewsroomVulnerability / Zero-Day Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited […]
Last updated 20 December, 2023 The Global DJ Census from Digital DJ Tips is the biggest annual DJ survey in the world, and it’s back again! This is your chance to get your voice heard and make your opinion count – and it only takes around 10 minutes to enter. Enter now here. To thank […]
The use of public services as command-and-control (C2) infrastructure isn’t a revolutionary technique for malicious actors. ReversingLabs has observed such behavior in several malware campaigns throughout the last few years. Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive and Discord to host second stage malware and sidestep detection tools. However, […]
Published On : 2023-12-15 EXECUTIVE SUMMARY At CYFIRMA, our mission is to empower you with the latest insights into the dynamic landscape of cybersecurity threats, addressing risks that impact both organizations and individuals. This report details a sophisticated cyber threat involving a malicious Word file with an embedded macro that, upon opening, prompts victims to […]
Israel has named Iran and Hezbollah as the culprits behind a cyberattack on the the Ziv Medical Center. A joint investigation by the Israel National Cyber Directorate, the Israel Defense Forces, and the Israeli Security Agency determined that Iran’s Ministry of Intelligence orchestrated the attack, with the involvement of Hezbollah’s “Lebanese Cedar” cyber unit. Some […]
A transnational cybercrime operation was taken down this week after law enforcement agencies from 34 countries coordinated on nearly 3,500 arrests and the seizure of about $300 million in stolen funds. According to Interpol, law enforcement agencies have spent six months running operation HAECHI IV — which sought to target organizations involved in voice phishing, […]
The latest global malspam campaign targets the hotel industry, emphasizing the need to stay alert against such attacks at all times. Cybersecurity researchers at Sophos X-Ops have issued a warning to the hospitality industry about a sophisticated malspam campaign targeting hotels worldwide. The campaign leverages social engineering tactics to lure hotel representatives into opening password-protected archives containing malware designed […]
Dec 20, 2023NewsroomNetwork Security / Data Breach Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. “Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one […]
Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be from the General Directorate of Residency and Foreigners Affairs, the campaign specifically targets UAE residents and foreigners in the country. […]