Security Intelligence

Threat actors put ‘Eagerbee’ in bonnet of ISPs and government entities

ISPs and government institutions in the Middle East and East Asia have been targeted with a fresh version of the...

Security Intelligence

Moxa addresses vulnerabilities in its industrial routers

Moxa advises that two vulnerabilities have been discovered in several of its routers and network security appliances.

Security Intelligence

BadBox Android botnet grows despite disruption

BadBox botnet grows to 192,000 affected devices despite German authorities recently disrupting one of the botnet’s main...

Security Intelligence

Adobe and Windows flaws actively exploited - CISA

CISA add Windows and Adobe Cold Fusion vulnerabilities to its Known Exploited Vulnerabilities (KEV) database.

Security Intelligence

APT 29 hustles high-profile organizations with malicious RDP files

APT 29 observed leveraging RDP to compromise victims, including governments, armed forces, think tanks, academic...

Security Intelligence

Clop ransomware claims responsibility for Cleo compromises

Clop ransomware group takes credit for recent breaches via the exploitation of two vulnerabilities in Cleo file...

Security Intelligence

Russian hackers, Turla, use Amadey infrastructure to target Ukraine

Turla observed hijacking the infrastructure of other threat actors to target Ukrainian entities.

Security Intelligence

Microsoft investigates potential new Windows zero-day vulnerability

Microsoft investigating reported zero-day vulnerability in Windows that could allow threat actors to capture NTLM...

Security Intelligence

Golden Chickens lays ‘More_eggs lite’ backdoor

Golden Chickens MaaS linked to Venom Loader and RevC2 in addition to its primary “more_eggs” malware offering.

Security Intelligence

Decade-old vulnerability in Cisco ASA WebVPN recently exploited

Cisco warns a decade-old vulnerability in its Adaptive Security Appliance (ASA) is being exploited by threat actors.

Security Intelligence

New phishing service ‘rocks’ M365 user accounts

Rockstar 2FA, a new phishing-as-a-service (PhaaS) platform, observed targeting Microsoft 365 user accounts with...

Security Intelligence

Novel attack vector evades anti-phishing security controls

Unnamed threat actors observed using a new attack vector that leverages intentionally corrupted Word documents to evade...