Month: December 2021

Research claims Samsung Galaxy Store apps are spreading malware

official Galaxy Store that may insert malware into your phone. Showbox Movie Apps Laden with Malware Weinbach came across the shady apps while searching the Galaxy Store for Hulu app noted that several Showbox-based applications were available on the Galaxy...

/ December 31, 2021

Error prompted LastPass to send false breach alerts to users

LastPass password manager users were shocked when they received alerts about their accounts getting compromised during a hack attack. The company released a statement on December 28th stating that credential stuffing attacks could impact some users. However, later, it clarified...

/ December 31, 2021

APT Groups Register Domain Used for C&C Long Before The Attack To Prevent Detection

APT groups are heavily exploiting domains registered long before an attack for C&C to prevent detection. The exceedingly high number of malicious, dormant domains poses a serious risk to all internet users. As security researchers from Unit 42 Palo Alto...

/ December 31, 2021

MSP vs MSSP: What’s The Difference?

how MSPs provide security that’s worth disentangling. We’ll cover both in this short but informative article. Let’s get started! Differences To begin, the differences between MSPs and MSSPs are fairly straightforward. MSPs provide a general offering: managed IT services. This...

/ December 30, 2021

New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise’s Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery,...

/ December 30, 2021

Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution

A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems. Cybersecurity firm...

/ December 30, 2021

Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics

An ongoing crypto mining campaign has upgraded its arsenal while evolving its defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar, new research published today has revealed. Since first detected in 2019,...

/ December 30, 2021

BlackTech Hacker Group Uses New Flagpro Malware to Execute OS Commands

Several Japanese companies have been spotted using the Flagpro malware, and to take advantage of it, the BlackTech cyber-espionage APT group targets those companies to execute OS commands by exploiting the Flagpro malware. The cybersecurity analysts at NTTSecurity...

/ December 29, 2021

Critical Security Flaws with Apache HTTP Server Let Hackers Execute Arbitrary Code Remotely

The Apache Software Foundation recently released an urgent update (Apache HTTP Server 2.4.52) to resolve critical vulnerabilities in its Apache HTTP Server. The discovered vulnerability was marked as critical and it could be exploited by the threat...

/ December 29, 2021

New Apache Log4j Update Released to Patch Newly Discovered Vulnerability

The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming...

/ December 29, 2021

Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that’s dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light...

/ December 28, 2021

Hackers Tried to Use ‘Spider-Man: No Way Home’ Movie to Deliver Monero Cryptominer

The cyber security experts at ReasonLabs have recently detected that hackers are using the ‘Spider-Man: No Way Home’ movie to deliver a Monero cryptominer through which they mine Monero cryptocurrency (XMR). So, the fans of ‘Spider-Man: No Way Home’ beware of...

/ December 28, 2021