Poco RAT Phishing Scam Hits Spanish Speakers
Since at least February 2024, Spanish-language victims have been the target of an email phishing campaign delivering a new remote access trojan (RAT) known as Poco RAT. According to cybersecurity company Cofense, the attacks are mostly targeting the mining, manufacturing, hospitality, and utility…
0 Comments5 Minutes
New Ransomware Targets Veeam Backup Software
A recently patched security issue in Veeam Backup & Replication software is being exploited by EstateRansomware, a new ransomware operation. The Singapore-based Group-IB, which uncovered the threat actor in early April 2024, stated that the modus operandi involves the use of CVE-2023-27532…
0 Comments5 Minutes
Cybersecurity Alert: APT40’s Rapid Exploits
A collaborative advisory has been issued by cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. regarding the cyber espionage group known as APT40, which has ties to China. The advisory warns about APT40’s ability to quickly exploit…
0 Comments5 Minutes
Eldorado Ransomware Attacks Windows and Linux
Eldorado, a burgeoning ransomware-as-a-service (RaaS) organization, offers locker variations for encrypting files on Windows and Linux systems. Eldorado initially emerged on March 16, 2024, when an affiliate program advertisement was placed on the ransomware site RAMP, according to Group-IB,…
0 Comments5 Minutes
Understanding Cloud Managed IT Services
Cloud managed IT services have revolutionized how companies handle their IT needs. By shifting the responsibility of IT management to cloud-based providers, businesses can focus more on core activities and less on the technical complexities of their infrastructure. What are Cloud Managed IT…
0 Comments8 Minutes
Major Operation Takes Down 600 Cybercrime Servers
A concerted law enforcement operation dubbed MORPHEUS has taken down nearly 600 servers used by cybercriminals as part of an attack infrastructure linked to Cobalt Strike. Europol reported that the crackdown targeted older, unauthorized versions of the Cobalt Strike red teaming architecture between…
0 Comments6 Minutes
MSHTML Vulnerability Fuels MerkSpy Attack
Unknown threat actors have been leveraging a now-patched security vulnerability in Microsoft MSHTML to deploy the spying program MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the United States. “MerkSpy is designed to clandestinely monitor user…
0 Comments4 Minutes
Critical OpenSSH Flaw Discovered
The OpenSSH maintainers have recently issued security upgrades to address a severe security vulnerability that could potentially lead to unauthorized remote code execution with root privileges in Linux systems based on the glibc library. The vulnerability, known as regreSSHion, has been designated…
0 Comments6 Minutes
Risks of AI Training on Your Data
While some SaaS hazards are obvious and transparent, others are hidden in plain sight, and both pose major risks to your firm. According to Wing’s data, 99.7% of enterprises use AI-enabled technologies. These AI-powered solutions are crucial, delivering seamless experiences across…
0 Comments7 Minutes
SnailLoad Attack Spies via Network Latency
A group of security researchers from Graz University of Technology demonstrated a new side-channel attack called SnailLoad, which can be used to remotely infer a user’s web activities. “SnailLoad exploits a bottleneck present on all Internet connections,” the researchers wrote in…
0 Comments5 Minutes