Play Ransomware Is Being Provided as a Service to Cybercriminals
November 20, 2023
The Play ransomware strain has transformed into a lucrative business model, being marketed to other threat actors “as a service,” according to new data that was discovered by Adlumin. “The unusual lack of…
CISA Issues a Public Alert Regarding Rhysida Ransomware
November 16, 2023
The threat actors behind the Rhysida ransomware conduct opportunistic attacks on enterprises in a variety of industries. The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC)…
Unveiling a New Ransomware Group: Leveraging Hive’s Source Code and Infrastructure
November 15, 2023
To propel their initiatives in the threat landscape, the threat actors orchestrating the formation of the ransomware group Hunters International have seized control of the source code and infrastructure once belonging to the now-defunct Hive operation. “It appears that the leadership of the…
A DDoS botnet OracleIV is targeting public Docker Engine APIs
November 14, 2023
Publicly accessible instances of the Docker Engine API are currently under attack by threat actors. This is part of a broader campaign aiming to co-opt these machines into a distributed denial-of-service (DDoS) botnet known as OracleIV. Researchers Nate Bill and Matt Muir from Cado disclosed that…
A new Intel CPU vulnerability affects multi-tenant virtualized environments
November 13, 2023
Intel has swiftly responded to the critical Reptar vulnerability, which affects desktop, mobile, and server CPUs. The company has promptly released comprehensive fixes to combat this issue effectively. This Intel CPU vulnerability, officially labelled CVE-2023-23583 with a…
CISA has issued a warning that a high-severity SLP vulnerability is now being actively exploited
November 9, 2023
On Wednesday, the United States Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning, adding a high-severity vulnerability in the Service Location Protocol (SLP) to its roster of Known Exploited Vulnerabilities (KEV). The agency cited compelling evidence of ongoing…
Deceptive Tactics through a Fake Windows News Portal
November 8, 2023
Recent findings reveal a novel malvertising strategy employing counterfeit websites masquerading as legitimate Windows news portals. The primary objective is to propagate a malevolent installation of CPU-Z, a widely recognized system benchmarking utility…
A new type of GootLoader malware is hard to catch and spreads quickly
November 7, 2023
Researchers have discovered that non-privileged attackers are exploiting as many as 34 distinct Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with vulnerabilities, enabling them to achieve complete control over the associated devices and execute any desired code on the…
Google’s Security Measures Fall Short Against SecuriDropper
November 6, 2023
Cybersecurity experts have discovered a new Android Dropper-as-a-Service (DaaS) named SecuriDropper, which successfully bypasses Google’s latest security protocols, enabling the delivery of malware. Dropper malware for Android serves as a means to deliver a payload to an already compromised…
Researchers Uncover Vulnerabilities in 34 Windows Drivers
November 2, 2023
Researchers have discovered that non-privileged attackers are exploiting as many as 34 distinct Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with vulnerabilities, enabling them to achieve complete control over the associated devices and execute any desired code on the…