Author: admin_dev

Unmasking the Threat: Memcyco’s Revolutionary Approach to Website Impersonation Protection

Website impersonation, also known as brandjacking or website spoofing, has become a pervasive menace for online businesses, leading to financial scams and data theft. As organizations invest in threat intelligence tools for protection, the critical window of exposure between the creation and takedown of fake sites remains a blind spot. Tel Aviv-based Memcyco introduces a […]

Unveiling the Security Challenges in Low-Code/No-Code (LCNC) and Robotic Process Automation (RPA) Environments

Low-code/no-code (LCNC) and robotic process automation (RPA) have revolutionized digital transformation, empowering business users to rapidly create applications through platforms like Microsoft PowerApps, UiPath, ServiceNow, Mendix, and OutSystems. However, the security implications of these tools often take a back seat amid the fervor of swift app development. In an era where speed is prioritized, the […]

Chinese-Speaking Smishing Triad Exploits UAE Identity Agency Impersonation for Malicious SMS Attacks

The Smishing Triad, a Chinese-speaking threat actor group, has recently been identified employing a new tactic by impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. The group utilizes malicious SMS messages to target residents and foreigners in the UAE, aiming to extract sensitive information. According to a report by Resecurity, the attackers […]

JaskaGO Malware Emerges as Cross-Platform Threat Targeting Windows and macOS Systems

A new information stealer malware, named JaskaGO, has surfaced as a cross-platform threat affecting both Windows and Apple macOS systems. Discovered by AT&T Alien Labs, the malware is built using the Go programming language and is noted for its extensive array of commands received from a command-and-control (C&C) server. The macOS-specific artifacts of JaskaGO were […]

Cross-Platform Threat Emerges: JaskaGO Malware Targets Windows and macOS Systems

A newly discovered cross-platform threat named JaskaGO has surfaced as a Go-based information stealer malware, impacting both Windows and Apple macOS systems. AT&T Alien Labs identified the malware, noting its extensive command set received from a command-and-control (C&C) server. The macOS variant of JaskaGO was initially identified in July 2023, adopting disguises such as installers […]

U.S. Law Enforcement Disrupts BlackCat Ransomware Operation, Releases Decryption Tool

The U.S. Justice Department (DoJ) has officially dismantled the BlackCat ransomware operation, providing a decryption tool to over 500 affected victims to regain access to their encrypted files. The U.S. Federal Bureau of Investigation (FBI) collaborated with global law enforcement agencies to thwart the ransomware group. BlackCat, also known as ALPHV, GOLD BLAZER, and Noberus, […]

Inside the Ransomware Empire: Unveiling the Operations of Russian Cybercriminal Mikhail Matveev

Cybersecurity researchers have delved into the intricate workings of the ransomware operation orchestrated by Mikhail Pavlovich Matveev, a Russian national indicted by the U.S. government earlier this year for his alleged involvement in orchestrating numerous global cyberattacks. Matveev, known by various aliases such as Wazawaka, m1x, Boriselcin, Uhodiransomwar, Orange, and waza, is accused of playing […]

Evolving Threat Tactics: Malicious Actors Exploit GitHub for Covert Operations

Malicious actors are adopting innovative tactics by leveraging GitHub for malicious purposes, employing novel methods such as abusing secret Gists and issuing malicious commands through git commit messages. According to a report by ReversingLabs, threat actors have increasingly turned to the GitHub open-source development platform for hosting malware, signaling a shift in their strategies. Traditionally, […]

Transforming Cybersecurity Training: The Rise of Short-form Content

As organizations gear up for budgeting in 2024, security professionals are allocating funds to various areas, with employee security awareness training being a crucial component. However, the efficacy of traditional training methods is being questioned, given the persistence of insecure behaviors and the prevalence of social engineering attacks. Despite challenges, organizations prioritize training, often increasing […]

MuddyWater Exploits MuddyC2Go Framework in Targeted Telecom Sector Attacks

Iran’s state-sponsored threat actor, MuddyWater, has deployed a newly identified command-and-control (C2) framework called MuddyC2Go in recent cyber attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. Symantec’s Threat Hunter Team, part of Broadcom, has been monitoring the activity, referring to the actor as Seedworm, also known as Boggy Serpens, Cobalt Ulster, Earth Vetala, […]