Author: admin

Social Engineering Attack Costs Billions

Eli Lilly lost USD15 billion in market cap to a social engineering attack. The attack happened only days after Twitter announced a USD8 fee for the blue check mark verification last Wednesday. Following the social engineering attack, Twitter suspended the option. Since Twitter first applied the option, parody accounts of known companies and individuals got […]

Malware Delivered via Contact Forms

The DFIR Report expands on an intrusion from May 2022, where threat actors used BumbleBee as the initial access vector from a Contact Forms campaign. The intrusion began with the delivery of an ISO file that contained an LNK and a DLL. The threat actors leveraged BumbleBee to load a Meterpreter agent and Cobalt Strike […]

Spear-phishing for Malware Delivery

Since it first started being active in 2020, Earth Longzhi’s long-running campaign can be divided into two based on the range of time and toolset. During its first campaign deployed from 2020 to 2021, Earth Longzhi targeted the government, infrastructure, and health industries in Taiwan and the banking sector in China. In its second campaign […]

Evasive Techniques used by injected Websites

Analysis of a new technique to inject websites with SocGholish malware found using zip compression, obfuscation, strrev functions, and other evasive techniques to avoid detection. Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish malware is often the first step in severe targeted ransomware […]

Hive Ransomware

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022. As of November 2022, Hive ransomware actors have victimized over 1,300 companies […]

Removing Uninstalled Software Data from Windows

It’s common for Windows users to uninstall applications from their computers. It’s pointless to keep applications on your disk if you no longer use them. Unfortunately, when you uninstall an application, some of its data may remain on the hard disk.  To make matters worse, these application remnants sometimes contain sensitive data. In this article, […]

Microsoft 365 Tips and Tricks

Understanding Microsoft 365 security for your environment
Why MFA Is More Important than Ever for Microsoft 365
How To Adjust The Multi-Factor Authentication (MFA) For Microsoft 365
How to Build Workflows Using Power Automate and AI in Microsoft 365
Microsoft 365 Login: Troubleshooting User Sign-In Problems
How to Prevent Microsoft 365 From Purging Old Messages […]

Windows Tech News

Windows 11 22H2 no longer supports Software Restriction Policies (SRP) (Günter Born)
Microsoft WinGet package manager failing due to CDN issues (Bleeping Computer)
Turns out shutting off Windows 11 security features helps Intel graphics cards performance, too (OnMSFT)

Windows Server news

Microsoft: Server Manager disk resets can lead to data loss (Bleeping Computer)

Cloud 9 Chrome Botnet

The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user’s device and subsequently assume control of the entire device. The extension, Cloud9, was never found on any official browser extension store; instead relying […]

Why Cybercriminals Like IPFS

The InterPlanetary File System (IPFS) is a Web3 technology designed to enable decentralized storage of resources on the internet. When content is stored on the IPFS network, it is mirrored across many systems that participate in the network, so that when one of these systems is unavailable, other systems can service requests for this content. […]

Should You Filter Websites at the Workplace

Remote working and web-based services are contributing to the success of many businesses. Yet, dependence on an internet connection makes companies vulnerable to web-based threats. For example, malicious software enters corporate networks when employees browse the internet. Also, clicking and downloading files from anywhere online increases malware risks by 32%. But you can still ban certain […]

Simple Penetration Testing Guide

The number of cyberattacks is increasing alarmingly around the globe. Nowadays, cybercriminals target almost all companies despite their size or domain. This encourages companies to find a solution to secure their systems and confidential data. Thus, companies invest large capital and resources in penetration testing as their first line of defense. Penetration testing is an effective cybersecurity […]

Is CIFS Still Relevant?

Protocols have guided server-client communications for a long time—and they’re a good way to send and receive data. But every protocol has various nuances. Therefore, you should know which protocol you want to use before setting up a network. Even with the advancement of technology, server-client protocols have remained constant. As such, many are 20 years […]

Network Segmentation Best Practices

Your network is your company’s greatest strength. However, it can also be your company’s greatest weakness if you don’t protect it well. Networks have changed a lot since the days of simple switches, routers, and a flat network structure. Today, we have on-prem servers, devices with cloud services, and a distributed workforce. With more complex networks, network […]

Google Play Store Apps Lead to Phishing Sites

A family of malicious apps from developer “Mobile apps Group sic” are listed on Google Play and infected with Android/Trojan.HiddenAds.BTGTHB. In total, four apps are listed, and together they have amassed at least one million downloads. When users first install this malicious app, it takes a couple of days before it begins to display malicious behavior. […]

RomCom Threat Actor Spoofs Keepass and Solarwinds

The threat actor known as RomCom is actively deploying new campaigns aimed at victims in Ukraine and English-speaking regions. The BlackBerry Threat Research and Intelligence Team discovered new campaigns that spoof popular brand-name software packages. The United Kingdom is possibly a new target, while Ukraine is still the main focus. BlackBerry found RomCom leveraging the […]

FormBook Stealer Is Gaining Traction

FormBook stealer is an infostealer trojan available as malware-as-a-service. This malware is often used by attackers with low technical literacy and little programming knowledge. FormBook can be used to steal various information from infected machines. Despite how easy it is to set up and use, the malware has advanced stealing and evasion functions including […]
