CVE-2023-25717 Detection: New Malware Botnet AndoryuBot Exploits RCE Flaw in the Ruckus Wireless Admin Panel
A new DDoS botnet dubbed AndoryuBot poses a threat to Ruckus Wireless Admin panels by exploiting a newly patched critical…
Threats
Snake Malware Detection: Cyber-Espionage Implant Leveraged by russia-Affiliated Turla APT in a Long-Lasting Campaign Against NATO Countries
On May 9, 2023, the U.S. Department of Justice revealed the details of a joint operation dubbed MEDUSA that resulted…
Detecting Abused Legitimate Tools Applied by Hackers in the Human-Operated Ransomware Attacks
With the constantly changing cyber threat landscape and the increasing sophistication of the adversary toolkit, information exchange between cybersecurity experts…
SmokeLoader Malware Detection: UAC-0006 Group Reemerges to Launch Phishing Attacks Against Ukraine Using Financial Subject Lures
The financially-motivated hacking collective tracked as UAC-0006 comes back to the cyber threat arena exploiting the phishing attack vector and…
ROKRAT Detection: Malware Adopts New Deployment Methods Relying on Large LNK Files
Adversaries are constantly looking for novel ways to overcome security protections. After Microsoft started blocking macros for Office documents by…
WinRAR as Cyberweapon: UAC-0165 Targets Ukrainian Public Sector with RoarBat
Since the outbreak of the global cyber war, state bodies of Ukraine and its allies have become targets of diverse…
APT28 aka UAC-0001 Group Leverages Phishing Emails Disguised As Instructions for OS Updates Targeting Ukrainian State Bodies
The infamous russian nation-backed hacking collective tracked as APT28 or UAC-0001, which has a history of targeted attacks against Ukrainian…
CVE-2023-27524 Detection: New Vulnerability Exposes Thousands of Apache Superset Servers to RCE Attacks
The popular open-source data visualization and data exploration tool, Apache Superset, is claimed to be vulnerable to authentication bypass and…
CVE-2023-27350 Exploit Detection: Critical PaperCut RCE Vulnerability Added to the CISA’s Known Exploited Vulnerabilities Catalog
PaperCut has recently reported that the company’s application servers are vulnerable to a critical RCE flaw known as CVE-2023-27350, with…
Domino Malware Detection: Ex-Conti and FIN7 Threat Actors Collaborate to Spread a New Backdoor
Cybersecurity researchers have uncovered a new malware family called Domino attributed to the adversary activity of the financially motivated russia-backed…