Lazarus Hacker Group Shifts Targets and Applies Advanced Techniques in a New DeathNote Campaign
The notorious North Korean hacking collective Lazarus Group, also tracked as APT38, Dark Seoul, or Hidden Cobra, has earned its…
Threats
GuLoader Detection: Malware Targets U.S. Financial Organizations via Phishing Emails
With the tax season in full swing, threat actors are setting eyes on financial organizations. According to the latest cybersecurity…
Detect CVE-2023-28252 & CVE-2023-21554 Exploitation Attempts: Windows Zero-Day Actively Used in Ransomware Attacks and a Critical RCE Flaw
With a growing number of zero-day flaws affecting widely used software products, proactive detection of vulnerability exploitation has been among…
DarkCrystal RAT Malware Detection: UAC-0145 Hackers Exploit Unlicensed Microsoft Office Software as the Initial Attack Vector
With a 250% surge of cyber attacks against Ukraine in 2022 and over 2,000 of them launched by russia-affiliated threat…
3CXDesktopApp Supply Chain Attack Detection: Active Intrusion Campaign Targeting Millions of 3CX Customers
Cybersecurity experts have uncovered an ongoing adversary campaign exploiting 3CXDesktopApp, a software application for business communication used by 12 million…
Detect CVE-2022-47986 Exploits: Critical Pre-Authenticated Remote Code Execution Vulnerability in IBM Aspera Faspex
Stay alert! Adversaries set eyes on Aspena Faspex, an IBM file-exchange application frequently used by large enterprises to speed up…
MacStealer macOS Malware Detection: Novel Malicious Strain Steals User Credentials from iCloud KeyChain
Heads up! A novel infostealer is making a splash in the cyber threat arena targeting macOS users. Cybersecurity researchers have…
Ferrari Data Breach Disclosed: Attackers Gain Access to the Company’s Network While Demanding Ransom to Prevent Data Leakage
The massive cyber incident at Ferrari that compromised some of the company customers’ personal data has recently hit the headlines.…
Detect CVE-2023-23397 Exploits: Critical Elevation of Privilege Vulnerability in Microsoft Outlook Leveraged in the Wild to Target European Government and Military
Security heads-up for cyber defenders! Microsoft has recently fixed a critical elevation of privilege vulnerability (CVE-2023-23397) affecting Microsoft Outlook for…
BlackLotus UEFI Bootkit Detection: Exploits CVE-2022-21894 to Bypass UEFI Secure Boot and Disables OS Security Mechanisms
An increasing number of Unified Extensible Firmware Interface (UEFI) security flaws uncovered in the last couple of years give the…