The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth.
The most dangerous vulnerability you’ve never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an […]
APT33 used the new Tickler malware to infiltrate government and defense organizations in the US and the UAE. The group, known as Peach Sandstorm and Refined Kitten, is linked to the Iranian Revolutionary Guard Corps.
Continuing the brand’s ongoing mission to bring dub-style effects to producers and DJs, this clever little box unlocks the wonderful world of spring reverb. If you don’t already know Benidub, the quick explanation is that this boutique brand specialises in dub equipment, from echo effects to sirens, filters and more. We’ve long been fans of […]
A critical vulnerability, CVE-2024-42815, with a CVSS score of 9.8, has been discovered in TP-Link RE365 V1_180213 series routers, allowing for remote exploitation and potential takeover.
The domain actsblue[.]com is posing as the legitimate actblue[.]com, a platform for Democratic Party donations. The malicious site is registered anonymously with Namecheap, making it difficult to trace back to the threat actors.
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating “coordinated and relentless” efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named temp-etherscan-api, ethersscan-api, telegram-con, helmet-validate, and
A comprehensive guide authored by Dean Parsons, SANS Certified Instructor and CEO / Principal Consultant of ICS Defense Force, emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking […]
Chinese-speaking users are the target of a “highly organized and sophisticated attack” campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. “The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks,” Securonix researchers Den Iuzvyk and Tim Peck said in […]