Full Name
Rob
Location
Austin, TX
Rob's Work
157 Posts
In recent developments, the Matrix botnet has been identified as the driving force behind an extensive distributed denial-of-service (DDoS) campaign. This operation exploits security weaknesses and misconfigurations in Internet of Things (IoT) devices, integrating them into a potent botnet capable of significant disruptions. Comprehensive Setup According to Assaf Morag, director
In a recent security breach analysis, experts uncovered a unique variant of the Mimic ransomware, dubbed "Elpaco." This advanced threat exploits the Zerologon (CVE-2020-1472) vulnerability for privilege escalation after infiltrating servers via Remote Desktop Protocol (RDP) through a brute-force attack. The intriguing twist with this ransomware is its
In a concerning development for Japan's cyber landscape, Trend Micro has uncovered a spear-phishing operation that emerged in June 2024, demonstrating sophisticated techniques linked to the notorious Earth Kasha group. Spear-Phishing Campaign The campaign demonstrates advanced spear-phishing tactics, targeting specific entities in Japan. Timeline and Location Active since
The FBI, CISA, and ACSC have released an updated security advisory concerning the BianLian cybercrime group, highlighting a significant shift in their attack methods. Background on BianLian's Operations BianLian, believed to operate primarily out of Russia, has been a persistent threat to critical infrastructure sectors in the U.
Security researchers at Checkmarx have unveiled a sophisticated supply chain attack enduring for over a year, embedding malicious code within the software package @0xengine/xmlrpc. Initially appearing as a legitimate XML-RPC tool, it later transformed into a vector for crypto mining and data theft. Duration and Updates The package operated
QNAP has urgently issued security updates to patch several critical vulnerabilities affecting its NAS devices and routers. Among these are severe flaws that could lead to unauthorized access and remote code execution. Users are strongly advised to apply these updates immediately to protect their systems. Notes Station 3 Security Flaws
Earth Estries, a cyber threat group associated with China, has been observed deploying a newly identified backdoor, GHOSTSPIDER, in its targeted attacks against Southeast Asian telecommunications firms. According to Trend Micro, this advanced persistent threat (APT) group is employing sophisticated strategies to penetrate multiple industries. Targeted Sectors and Geographical Spread
The Russian cybercrime group known as RomCom has recently launched attacks using two zero-day vulnerabilities affecting Firefox and Tor Browser users in Europe and North America. These attacks were meticulously crafted to target specific industries, exploiting security flaws to gain unauthorized access to systems. Firefox Zero-Day (CVE-2024-9680) This vulnerability, identified
Critical Vulnerability Exploited in Array Networks SSL VPN Products Hackers have been found exploiting a critical vulnerability in Array Networks' SSL VPN products, as confirmed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability, identified as CVE-2023-28461, affects both Array AG Series hardware and vxAG virtual