Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. “CrushFTP v11… Read More »Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS… Read More »Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an… Read More »BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. “Since… Read More »Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. … Read More »How Attackers Can Own a Business Without Touching the Endpoint
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity… Read More »Hackers Target Middle East Governments with Evasive “CR4T” Backdoor
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that… Read More »OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). “FIN7 identified… Read More »FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from… Read More »Global Police Operation Disrupts ‘LabHost’ Phishing Service, Over 30 Arrested Worldwide
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in… Read More »How to Conduct Advanced Static Analysis in a Malware Sandbox