Cybersecurity

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, […]

Cybersecurity

Malvertising campaign targeting IT teams with MadMxShell

Backdoor Details – Binary Analysis Stage 1 injector The analysis in this blog is based on this ZIP archive: Advanced-ip-scanner.zip (SHA256:7966ee1ae9042e7345a55aa98ddeb4f39133216438d67461c7ee39864292e015). The ZIP archive contains two files: Advanced-ip-scanner.exe: A renamed copy of the legitimate Microsoft EXE oleview.exe. IVIEWERS.dll: A 22 MB DLL, which contains the stage two payload. This DLL is padded with an unused […]

Cybersecurity

ODNI appoints new election security leader ahead of presidential race

Updated at 5:30pm EST with details about ODNI’s Worldwide Threats Assessment. The top U.S. intelligence agency has revamped its election security team ahead of the 2024 presidential election, a contest multiple national security leaders have warned could be targeted by foreign adversaries using fast-moving attacks. Jessica Brandt, who previously held a variety of prominent research […]

Cybersecurity

Meta Details WhatsApp and Messenger Interoperability to Comply with EU’s DMA Regulations

Mar 08, 2024NewsroomInteroperability / Encryption Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union. “This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with […]

Cybersecurity

FBI, CISA Release IoCs for Phobos Ransomware

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have released details on the tactics and techniques threat actors are using to deploy the Phobos ransomware strain on target networks. The advisory is part of an ongoing stop-ransomware effort by the two entities working in collaboration with the Multi-State Information Sharing and Analysis […]

Cybersecurity

UAC-0184 Targets Ukrainian Entity in Finland with Remcos RAT | Cyware Hacker News

Morphisec Threat Labs has shared details of a new campaign that used steganography techniques to deliver the Remcos RAT onto the systems of a Ukrainian entity operating in Finland.  The campaign, attributed to a hacking group named UAC-0184, used a relatively new IDAT Loader to drop the trojan. Modus operandi According to researchers, the attack […]