The TCP Middlebox Reflection method is a new amplification technique for conducting a Distributed Denial-of-Service attack. Researchers stated that this type of attack is a massive emerging threat that can affect many organisations. Moreover, the new attack abused flawed firewalls and content filtering systems to reflect and increase the TCP traffic in their target’s devices....
Telecom service providers in Central Asia are the newest targets of a China-based cyberespionage group dubbed Moshen Dragon after cybersecurity experts detected new waves of malicious activities from them. Security researchers found some common ground between Moshen Dragon and other threat groups like Nomad Panda and RedFoxtrot since they have all utilised similar malware variants...
Several Android gadgets operating on Qualcomm and MediaTek chipsets were at risk of remote code execution (RCE) after security experts found vulnerabilities in the Apple Lossless Audio Codec (ALAC) implementation. Apple Lossless Audio Codec, or ALAC, is an audio coding format for lossless audio compression provided by Apple and made available in 2011. Since...
The Enemybot and the Fodcha botnets have been trying to compromise numerous targets globally by abusing multiple flaws in routers, modems, and Internet of Things (IoT) devices. These two newly discovered botnets can perform distributed denial-of-service attacks on any location. Enemybot and Fodcha are the newest additions to the long list of botnets that will...
Several T-Mobile customers have recently filed reports about being targeted by a new SMS-phishing (SMiShing) campaign that targets victims with malicious links in unblockable texts sent as bulk or group messages. The public warning advisory was released by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC), an organisation that focuses on cybersecurity incident...
Cybersecurity experts recently discovered another data wiper malware, dubbed AcidRain, that attacked a telecommunication satellite called KA-SAT, owned by the Viasat company. The attack has impacted thousands of Ukrainian citizens alongside various countries in Europe. The new sophisticated wiper malware was found in the middle of March and can brute-force file names and...
Researchers have identified three critical security flaws impacting the Pascom Cloud Phone System that malicious threat actors could combine to achieve complete pre-authenticated code execution on affected systems. The critical vulnerabilities inside the CPS can be chained together, resulting in an unauthenticated malicious threat actor obtaining root privileges on affected devices. Pascom Cloud Phone...
Hackers have developed a new DDoS amplification method, used in attacks, with a 4.3 billion to 1 ratio, which experts see as a record-breaking amplification ratio. In distributed denial-of-service or DDoS attacks, threat actors target the networks or servers of their victims using an overload of requests and high volumes of data to cause...
The Lapsus$ threat group has again performed a massive cyber-attack after recently targeting Samsung and leaking nearly 200GB worth of proprietary data. The Korean tech giant was attacked right after the threat group’s attack on Nvidia that leaked over 1TB of data to the dark web. From a statement released by the threat group, they...
Dubbed Daxin, a sophisticated network attack tool that develops stealthy backdoors has been discovered; it is assumed to be associated with Chinese threat actors and has possibly been in use for a decade now. The Daxin network tool is developed exclusively for attacking secured networks, enabling threat actors to infiltrate deep inside the targeted networks and steal data....