Cyber Attack
TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data
The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims to inflict maximum damage...
CVE/vulnerability
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and...
CVE/vulnerability
PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot
Hackers often attack secure boot during the boot process to execute unauthorized code, which gives them the ability to bypass a system's security measures.By...
Cyber Security News
HardBit Ransomware Using Passphrase Protection To Evade Detection
In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn't use leak sites or double extortion.Their tactics include data...
CVE/vulnerability
Chinese APT40 Is Ready To Exploit New Vulnerabilities Within Hours Of Release
Multiple international cybersecurity agencies jointly warn of a PRC state-sponsored cyber group, linked to the Ministry of State Security and known by various names...
AWS
Hackers Attacking Vaults, Buckets, And Secrets To Steal Data
Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins, and other useful data...
CVE/vulnerability
SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files
SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a threat actor to read sensitive files on the host machine.This...
Cyber Attack
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections
Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised systems. This is achieved by targeting unmonitored devices, leveraging legitimate...
CVE/vulnerability
Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities
A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges.Dubbed "MagicDot," this vulnerability exploits the...
Cyber Attack
FIN7 Hackers Attacking IT Employees Of Automotive Industry
IT employees in the automotive industry are often targeted by hackers because they have access to sensitive information such as customer data, intellectual property,...
Cyber Security News
Sisence Data Breach, CISA Urges To Reset Login Credentials
In response to a recent data breach at Sisense, a provider of data analytics services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) advised...