
Kaspersky Reveals iPhones of Employees Infected with Spyware
According to Kaspersky, this is an ongoing investigation, and the perpetrators are yet to be determined. The CEO of cybersecurity giant and antivirus vendor Kaspersky, Eugene Kaspersky, revealed in a blog post that dozens of iPhones used by their senior...

Tool to find the Operation Triangulation traces
In our initial blogpost about “Operation Triangulation”, we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators....

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
Jun 02, 2023 | Ravie Lakshmanan | Botnet / Malware | Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. “Horabot enables the threat actor to control the victim’s Outlook mailbox,...

Critical Privilege Escalation Vulnerability in Essential Addons for Elementor Plugin Affecting Over One Million Sites
Introduction: A severe vulnerability has been detected in Essential Addons for Elementor (from 5.4.0 through 5.7.1), a WordPress plugin with over one million active installations. This flaw was patched on May 11, 2023, but due to its severity, we believe...

Free Threat Hunting Platform Security Onion Released Updates – What’s New!
Security Onion Solutions has made available the third Beta version of Security Onion 2.4. Security Onion is a free and open platform for log management, enterprise security monitoring, and threat hunting. It consists of both their in-house tools,...

Kaspersky targeted by an advanced cyberattack that infected employees’ iPhones
Posted on June 2, 2023 at 7:11 AM | Kaspersky, a security firm based in Moscow, has been targeted by an advanced cyberattack. The cyberattack infected the iPhones owned by several dozen employees using malware that harvests user data. Kaspersky targeted...

Windows Users Beware: Crooks Relying on SeroXen RAT to Target Gamers
The stealthy SeroXen RAT is available as a legit RAT for Windows 11 and 10 for just $15-$30 per month, and for $60, buyers get a lifetime license. A fileless RAT (remote access trojan) has become the preferred tool for...

Audit the Security Posture of DevOps with HackerOne Source Code Assessments
Use Source Code Assessments to Audit DevOps: DevOps teams may care about security, but it is not their area of expertise and it is not a priority for their pipeline goals. Adding security into the DevOps process adds friction and...

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
Jun 01, 2023 | Ravie Lakshmanan | Cyber Threat / Network Security | An analysis of the “evasive and tenacious” malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What’s more, 50% of the...

Operation Triangulation: iOS devices targeted with previously unknown malware
While monitoring the network traffic of our own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), we noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect...

Dark Pink APT Group Compromised 13 Organizations in 9 Countries
A Singapore-based cybersecurity firm, Group-IB, has released a new report on Dark Pink, an APT group. The report emphasizes that Dark Pink has successfully targeted 13 organizations across 9 countries, highlighting the extent of their malicious activities. Throughout 2023, the...

Active Mirai Botnet Variant Exploits Zyxel Devices To Conduct DDoS Attacks
Posted on June 1, 2023 at 6:47 AM | The US Cybersecurity and Infrastructure Security Agency (CISA) has added a newly patched critical severity flaw in Zyxel gear to its catalog of Known Exploited Vulnerabilities (KEV). The agency noted that the...