May 6, 2022
Moshen Dragon Cyberespionage Hacker Gang Telco Central Asia Chinese Hackers

Moshen Dragon cyberespionage gang hits telcos from Central Asia

Telecom service providers from Central Asia are the newest targets of a China-based cyberespionage group dubbed Moshen Dragon after cybersecurity experts detected new waves of malicious activities from them. Security researchers found some common grounds between Moshen Dragon and other threat groups like Nomad Panda and RedFoxtrot since they have all utilised similar malware variants...
Continue Reading
Researchers Critical Vulnerability dotCMS Content Management System RCE

Researchers discovered a critical vulnerability in dotCMS

A pre-authenticated remote code execution (RCE) flaw was discovered inside the dotCMS, a source content management system. The system is coded in Java and has several users that reach about 10,000 individuals across over 70 countries globally. Fortune 500 brands and average-sized businesses comprise these.   The vulnerability in the dotCMS could allow RCE if...
Continue Reading
New Malware Exploits INITECH Process Lazarus Gang North Korean Hacker

New malware that exploits the INITECH Process is linked to Lazarus gang

Researchers link the North Korean-sponsored Lazarus group to a new malware that targeted over 40 institutions. The recent attacks in the first months of this year revealed further details regarding the malware attacking organisations by spoofing an executable of INISAFE CrossWeb EX version 3, a security program of INITECH. The threat actors input the malware...
Continue Reading
Log4j Flaw Vulnerability Expose Devices Cyberattacks

The Log4j flaw still exposes thousands of devices to cyberattacks

Several months after security analysts found the critical zero-day flaw under the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch...
Continue Reading
Global Phishing Attacks Records Phishing-as-a-Service Cyber Threat SMiShing

The global phishing attacks last year have broken previous records

Phishing attacks from last year have broken previous records from the past years. Experts claimed that the emergence of phishing-as-a-service methods and new attack vectors caused this massive upsurge of the attacks. Some researchers also think that the low barrier of entry contributed to the widespread of similar attacks. Threat actors take advantage of current...
Continue Reading
High-end Car Rental Sixt Germany Shut Down Cyberattack System Disruption

A high-end car rental firm Sixt shut down after being hit by a cyberattack

A malicious threat attack has struck a big-time car rental company called Sixt. Based on reports, the non-essential systems related to the company were temporarily shut down by its operators to avoid getting infected by the breach. The Germany-based car rental firm rents automobiles from more than 2,000 locations in roughly 100 countries worldwide. In...
Continue Reading