Technical Analysis In this section, we provide a detailed analysis of each component of the attack chain initiated when a victim receives and clicks on the link within the PDF. PDF analysis The PDF file is a fake invitation to a wine-tasting event purported to take place at the Indian ambassador’s residence on February 2nd, […]
Feb 01, 2024NewsroomCryptocurrency / Botnet Cybersecurity researchers have detailed an updated version of the malware HeadCrab that’s known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind […]
Jan 01, 2024NewsroomWindows Security / Vulnerability Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach “leverages executables commonly found […]
Nov 28, 2023NewsroomData Security / Data Breach Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. “Such exploitation could result in theft of emails from Gmail, data […]
andresr/Getty Images NCC Group released its Threat Pulse for September, which detailed a shocking increase of 153% in September for ransomware attacks. According to the report, the following groups were listed in the number of attacks: LostTrust RansomedVC LockBit Clop As far as targets for ransomware, North America was once again at the top of […]
Oct 04, 2023NewsroomCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]
Oct 04, 2023THNCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]