Microsoft’s Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. […]
Stealthy KV-botnet hijacks SOHO routers and VPN devices
The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named ‘KV-botnet’ since at least 2022 to attack SOHO routers in high-value targets. […]
BazarCall attacks abuse Google Forms to legitimize phishing emails
A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more legitimate. […]
French police arrests Russian suspect linked to Hive ransomware
French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims’ ransom payments. […]
LockBit ransomware now poaching BlackCat, NoEscape affiliates
The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. […]
CISA: Russian hackers target TeamCity servers since September
CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia’s Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity servers in widespread attacks since September 2023. […]
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. […]
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility.
The method is an “attempt to elevate the perceived authenticity of the initial malicious emails,” cybersecurity firm Abnormal Security said in a report published today.
BazaCall (aka BazarCall), which was first
The method is an “attempt to elevate the perceived authenticity of the initial malicious emails,” cybersecurity firm Abnormal Security said in a report published today.
BazaCall (aka BazarCall), which was first
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities.
This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
How to Analyze Malware’s Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you’ll need to address them.
Decrypting HTTPS traffic
Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
Decrypting HTTPS traffic
Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure