Spear-Phishing Campaigns Target Russian, Belarusian Groups
Wajahat Raja | COLDRIVER Threat Actor, COLDWASTREL Threat Cluster, credential harvesting, Cybersecurity News, Russian Cyber Attacks, Social Engineering Tactics
As per recent reports, various Russian and Belarusian organizations have been targets of spear-phishing campaigns. These organizations belong to the non-profit, media, and international government sectors. Threat actors who orchestrated these spear-phishing campaigns appear to have interests that align with the Russian government. In this article, we’ll dive into these ...
BlackSuit Ransomware Threat Actors Demand Up To $500 Million
Wajahat Raja | critical infrastructure attacks, Cybersecurity Advisory, Cybersecurity News, Phishing and Ransomware, ransomware demands, remote monitoring software cyber attacks
According to an updated advisory from the United States (US) Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation (FBI), the BlackSuit ransomware strain is known to have had demands totaling up to $500 million in payments. In this article, we’ll dive into the details of the ransomware ...
Phishing Attacks: Google Drawings And WhatsApp Scam Alert
Wajahat Raja | Amazon phishing scam, Cybersecurity News, Google Drawings phishing, Living Off Trusted Sites (LoTS), Microsoft 365 anti-phishing loophole, WhatsApp URL shortener
Cybersecurity researchers at Menlo Security have recently uncovered phishing attacks leveraging Google Drawings and shortened links generated through WhatsApp. The aim of such an attack methodology is to evade detection and trick users into accessing malicious links that acquire sensitive information. In this article, we’ll cover these Google Drawings phishing ...
Alert: Roundcube Flaws Put User Emails And Passwords At Risk
Wajahat Raja | cross-site scripting flaw, CVE-2024-42009, Cybersecurity News, Cybersecurity researchers, RaspAP local privilege escalation, Webmail software security
Cybersecurity researchers at Sonar have recently uncovered Roundcube flaws pertaining to Webmail software. Threat actors can exploit these Webmail software security flaws to execute malicious JavaScript code and steal emails and passwords. In this article, we dive into details of the potential exploits and uncover the vulnerabilities involved. Let’s begin! ...
GoGra Backdoor: Unnamed South Asian Media Outlet Targeted
Wajahat Raja | Cloud services command and control, Cybersecurity News, Cybersecurity threat actors 2024, Harvester nation-state hacking group, Microsoft Graph API malware, South Asia media organization cyber attack
As per recent reports, an unnamed media organization in South Asia had fallen prey to the GoGra backdoor in November 2023. The threat actor behind the South Asia media organization’s cyber attack is believed to be a part of Harvester, a nation-state hacking group. In this article, we’ll dive into ...
Cisco Vulnerability: CISA Alerts Of Smart Install Exploits
Wajahat Raja | CISA cybersecurity advisory, Cisco network device security, critical Cisco vulnerabilities 2024, Cybersecurity News, password-cracking attacks, Smart Software Manager On-Prem flaw
In light of recent cybercrime incidents, the United States (US) Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert pertaining to a Cisco vulnerability. As per recent reports, the Cisco vulnerability prevails within the Smart Install (SMI) feature and can be exploited for access to sensitive data. In this ...
Sitting Ducks Attack: Over 1M Domains At Risk Of Takeover!
Wajahat Raja | Cybersecurity News, cybersecurity threats, DNS vulnerabilities, domain hijacking, malicious domain takeover, Russian cybercriminals
In the world of cybercrime, over 1 million domains now face a risk of threat actor-initiated takeover as the Sitting Ducks attack comes to light. As per recent reports, the attack is conducted via an exploitation of a domain name system (DNS) vulnerability and is carried out by Russian cybercriminals ...
Hackers Use BingoMod Android RAT For Fraudulent Transactions
Wajahat Raja | android banking trojans, BingoMod RAT, Cybersecurity News, cybersecurity threats, mobile malware, on-device fraud (ODF)
Recent media reports have cited cybersecurity researchers discovering a new Android remote access trojan (RAT) that’s currently referred to as BingoMod. The BingoMod Android RAT is capable of transferring funds from compromised devices and erasing its traces of existence. In this article, we’ll dig into the details of the Android ...
Chrome Protection: App-Bound Encryption For Cookies Added
Wajahat Raja | Chrome 127 release, Chrome browser security, Cybersecurity improvements, Cybersecurity News, Data Protection API (DPAPI), Info-stealing malware
Ensuring a safe browsing experience for its users, Google has announced that it’s adding a new app-bound encryption layer to Chrome. As per media reports, the added layer will help prevent information-stealing malware from grabbing cookies. In this article, we’ll cover the app-bound encryption layer in detail and see how ...
Windows Backdoor: Threat Actors Exploit BITS As C2 Mechanism
Wajahat Raja | Background Intelligent Transfer Service (BITS), BITSLOTH malware, Chinese cyber espionage, Cybersecurity, Cybersecurity News, DLL side-loading techniques
As per recent reports, cybersecurity researchers at Elastic Security Labs have discovered a new Windows backdoor. It leverages a built-in feature called the Background Intelligent Transfer Service (BITS), using it as a command-and-control (C2) mechanism. In this article, we’ll dive into the details of the Windows backdoor and learn about ...

