IT Guides and CyberSecurity News

Security News

  • Aurora a trending infostealer Malware
    Since September 2022, Aurora malware is advertised as an infostealer and several traffers teams announced they added it to their malware toolset. Furthermore, SEKOIA.IO observed an increase in the number of Aurora samples distributed in the wild, as well as C2 servers. First advertised on Russian-speaking underground forums in April 2022, Aurora is a multi-purpose […]
  • Vulnerable SDK components lead to supply chain risks
    Vulnerable SDK components lead to supply chain risks in IoT and OT environments Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External tools and products that are managed by vendors and developers can pose a security risk, especially to targets […]
  • Social Engineering Attack Costs Billions
    Eli Lilly lost USD15 billion in market cap to a social engineering attack. The attack happened only days after Twitter announced a USD8 fee for the blue check mark verification last Wednesday. Following the social engineering attack, Twitter suspended the option. Since Twitter first applied the option, parody accounts of known companies and individuals got […]
  • Malware Delivered via Contact Forms
    The DFIR Report expands on an intrusion from May 2022, where threat actors used BumbleBee as the initial access vector from a Contact Forms campaign. The intrusion began with the delivery of an ISO file that contained an LNK and a DLL. The threat actors leveraged BumbleBee to load a Meterpreter agent and Cobalt Strike […]
  • Spear-phishing for Malware Delivery
    Since it first started being active in 2020, Earth Longzhi’s long-running campaign can be divided into two based on the range of time and toolset. During its first campaign deployed from 2020 to 2021, Earth Longzhi targeted the government, infrastructure, and health industries in Taiwan and the banking sector in China. In its second campaign […]
  • Evasive Techniques used by injected Websites
    Analysis of a new technique to inject websites with SocGholish malware found using zip compression, obfuscation, strrev functions, and other evasive techniques to avoid detection. Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish malware is often the first step in severe targeted ransomware […]
  • Hive Ransomware
    The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022. As of November 2022, Hive ransomware actors have victimized over 1,300 companies […]
  • Compromised QNAP devices used for Command and Control
    As reported earlier by Red Canary, compromised QNAP devices were used for command and control (C2) infrastructure for Raspberry Robin activity. HTTP requests that contain the victim’s user and device names are sent to the QNAP device, as well as hosting a malicious DLL that is downloaded and installed to the victim system. Image from Microsoft Security […]
  • Cloud 9 Chrome Botnet
    The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user’s device and subsequently assume control of the entire device. The extension, Cloud9, was never found on any official browser extension store; instead relying […]

IT Guides

  • Why Are Network Management Solutions Important

    The network management solution (NMS) market contains many products that claim to offer the best experience and network security. To this end, choosing a solution that meets your needs can be challenging.

    One of the biggest challenges has to do with trusting these solutions. Are they safe? Are they reliable? Remember that you need to keep your network as secure as possible to keep it functioning efficiently. A solution that provides you with too many tools can leave you feeling confused. On the other hand, streamlined solutions might not have the necessary tools. Not to worry, I’ve got you covered.

    In this article, we’ll learn more about network management solutions (NMS) and some of their must-have features.

  • What are Advanced Persistent Threats (APT)

    Cybercriminals often use an advanced persistent threat (APT) to sustain surveillance or attacks against targets. One of the most valuable assets in a business is its data. Cybercriminals use APTs to steal your information, including trade secrets and patents. Also, bad actors can use APTs to gain employee and client information for extortion or to help better understand your company. 

    To this end, advanced persistent threats are campaigns against a target where a sustained presence launches surveillance or disruptive attacks. APTs are dangerous as they use advanced techniques to stay undetected. This article discusses what advanced persistent threats are and how to protect your business from bad actors. First, let’s take a look at what an APT is! 

  • Essential Email Security Policies

    Although the average person may not encounter a substantial amount of emails, businesses and people within these businesses use email every day. Unfortunately, cybercriminals often use this common messaging tool as an attack vector. In this year’s Cost of a Data Breach Report, phishing is the costliest initial attack vector, with an average of USD4.91 million. The second highest is the dreaded Business Email Compromise (BEC) attack at USD4.89 million. If it hasn’t sunk in yet, both attack vectors involve email. So it’s clear that you need to implement email security policies!

    In this article, we’ll look at email security policies to help you in your email security practices. We’ll also discuss why you should have an email security policy document and what to include in that document.

  • Why You Need Email Spam Filter

    Unwanted communication, or email spam, is a common challenge for many businesses today. Cyberattackers often send mass emails to millions of email addresses they scraped from the internet. These emails usually have a sense of urgency, lucrative offers, or even mimic other genuine sites. However, the main motivation behind these emails is far more sinister. Specifically, cyberattackers want people to click on malicious links within these emails. This could result in data theft or even malware downloading itself onto the victim’s computer. Email spam filters can help in this case! They’re useful tools that can protect your company from email-based attacks.

    In this article, we’ll see what email spam filters are, why you need them, and how they work. Then, we’ll look at the different components you can find in them and the key features to consider before investing in one.

  • 5 Things to Consider When Assessing Your VM Density

    Businesses try to get the most out of any capital expenditure to improve their bottom line. When it comes to virtualization, this means trying to get the highest possible return on their virtualization hardware investment. You can do this by increasing the number of virtual machines (VMs) hosted. The greater the number of VMs, the lower the per VM hardware cost. This is what VM density means. Sounds great, right? Not if you add too many VMs to a finite infrastructure with limited resources. 

    Excessively high VM density can result in problems with performance, stability, and workload availability. In this article, we’ll see the 5 key factors to consider when optimizing your VM density. After discussing P2V ratios, we’ll discuss hypervisor overheads. Then we’ll cover overloading clusters and peak demand spikes. Let’s get started!

  • Removing Uninstalled Software Data from Windows

    It’s common for Windows users to uninstall applications from their computers. It’s pointless to keep applications on your disk if you no longer use them. Unfortunately, when you uninstall an application, some of its data may remain on the hard disk.  To make matters worse, these application remnants sometimes contain sensitive data.

    In this article, I’ll show you where in your system old application data may continue to exist. Finding the leftover application data is the hard part — once you find it, you can simply select and delete it. That’s why this article will primarily focus on the places where you’ll find the hidden software data.  

    It’s important to note that these aren’t the only places you can find this data. But these are the most common locations where leftover application data exists. Let’s first look at some initial preparations before we jump in.

  • Should you Filter Websites at Workplace

    Remote working and web-based services are contributing to the success of many businesses. Yet, dependence on an internet connection makes companies vulnerable to web-based threats. For example, malicious software enters corporate networks when employees browse the internet. Also, clicking and downloading files from anywhere online increases malware risks by 32%. But you can still ban certain websites at work to improve security, and this is where web filtering is useful.

    So, what exactly is web filtering, and how does it work? What are its different types, and how can you choose a web filtration tool? You’ll get the answers to all these questions in this article.

  • Simple Penetration Testing Guide

    The number of cyberattacks is increasing alarmingly around the globe. Nowadays, cybercriminals target almost all companies despite their size or domain. This encourages companies to find a solution to secure their systems and confidential data. Thus, companies invest large capital and resources in penetration testing as their first line of defense. Penetration testing is an effective cybersecurity practice that will help identify attack vectors early to secure your company.

    In this article, you’ll learn more about penetration testing, how it differs from vulnerability scans, and its different types. We’ll also discuss the various stages of penetration testing, its methods, etc.

  • Is CIFS still relevant?

    Protocols have guided server-client communications for a long time—and they’re a good way to send and receive data. But every protocol has various nuances. Therefore, you should know which protocol you want to use before setting up a network. Even with the advancement of technology, server-client protocols have remained constant. As such, many are 20 years or older. One of those protocols is about that old but is now ready for retirement—the Common Internet File System (CIFS) protocol.

    In this article, we’ll cover the CIFS protocol, how it works, and its functionality. We’ll also share some of its use cases and compare it with two other file transfer protocols.

Tech News

  • Crypto Mugging is on the Rise

    People around the world are being jumped on the street, their phones taken, and their crypto wallets fully drained. This new threat combines the criminal activities of the past with those of the future.
  • Password-protected Excel spreadsheet pushes Remcos RAT

    Investigation of an email with a password-protected Excel file attached to it revealed Remcos RAT 3.x activity remarkably similar to an infection chain reported by Fortinet last month. This diary reviews a Remcos RAT infection in Brad Duncan’s lab on Wednesday 2022-05-04.


    If you’re shopping for a new phone on a budget, we’ve got good news: you’re more likely to find midrange sub-$500 phones available in these days of crunched supply chains than many of the recent flagships. Fortunately, there are many excellent alternatives to the pricey, premium models that are nearly as capable and cost a lot […]

  • Here’s how Microsoft’s new One Outlook email app will work

    Microsoft has announced the beta for the new Outlook for Windows, which will make the desktop email client a lot more like the web version. While screenshots and an entire build of the app were recently leaked, Microsoft’s announcement gives us a good look at what kind of features we can expect to see coming to our inboxes. […]
