Month: September 2021

Vulnerability Remediation | A Step-by-Step Guide

What Is Vulnerability Remediation? Vulnerability remediation is the process of addressing system security weaknesses. The steps include the following: Discover: identify vulnerabilities through testing and scanning. Prioritize: classify the vulnerabilities and assess the risk. Remediate: block, patch, remove components, or...

/ September 30, 2021

Why Companies Should Start Taking Behavioural Analysis Seriously?

Behavioural analysis uses machine learning, artificial intelligence, big data, and analytics to recognize malicious behavior by examining differences in everyday activities. Behavioural analysis is an extremely important tool when it comes to fending off cyber-attacks. We all are aware that...

/ September 30, 2021

BloodyStealer Malware Steals Cookies, Passwords, Bank Cards From Gamers Browser

BloodyStealer was recently identified being traded on the dark web market. It is a Trojan that is generally used to steal accounts from successful gaming platforms, which include: Steam, Epic Games Store, EA...

/ September 30, 2021

GhostEmperor: From ProxyLogon to kernel mode

While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. This cluster stood out for its usage of a formerly unknown...

/ September 30, 2021

ImmuniWeb Launches Free Cloud Security Test to Detect Unprotected Storage

The IDC cloud security survey 2021 states that as many as 98% of companies were victims of a cloud data breach within the past 18 months. Fostered by the pandemic, small and large organizations from all over the world are...

/ September 30, 2021

Hackers Launch Two Apps that Steal Data from Banking Applications

Posted on September 30, 2021 at 10:50 AM. Researchers have detected two new malicious Android applications that are available on Google Play Store. The malicious applications are being used to target users in Brazil who are registered in the country’s...

/ September 30, 2021

NSA, CISA Release Guidelines to Secure VPNs

VPNs). The guidelines came after the departments noticed a rise in government-backed hackers exploiting vulnerabilities in VPN devices. The agencies stated that the guidelines would help protect the national security systems, the Defense Department, and defense contractors against APT (advanced...

/ September 29, 2021

DarkHalo after SolarWinds: the Tomiris connection

Background: In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a documented attack vector leveraged by a number of APT actors, this specific campaign stood out due to the extreme carefulness...

/ September 29, 2021

TA544 threat actors hit Italian firms with Ursnif banking trojan

Onliner Spambot” containing email addresses and clear-text passwords of 711 million users from around the world. The database had been used to send out spam and the Ursnif banking trojan to users since 2016. As for recent attacks from TA544, according to...

/ September 29, 2021

Hackers Targeting Brazil’s PIX Payment System to Drain Users’ Bank Accounts

Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil’s instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under...

/ September 29, 2021

Bandwidth Suffers DDoS Attack Leads to Nationwide Outages

Posted on September 29, 2021 at 8:04 AM. Distributed denial-of-service attacks have been on the rise in the past few months. Many companies have fallen victim to these attacks, with the latest one being Bandwidth.com. Bandwidth.com is a...

/ September 29, 2021

Russia-Backed Hacking Group, Nobelium, Using New FoggyWeb Backdoor Tool

Posted on September 29, 2021 at 7:58 AM. The same hacking group that made a name for itself attacking the SolarWinds supply chain has again been spotted using an entirely different backdoor. According to the Microsoft Threat Intelligence Center...

/ September 29, 2021