A newly emerged malicious entity called Agenda ransomware has been seen targeting Africa and Asia’s education and healthcare sectors. The latest analysis revealed that the new ransomware is coded in the Go programming language (Golang) and modified for every attack. The ransomware was called Agenda after the ransom notes and dark web posts published by...Continue Reading
Based on the latest dark web monitoring conducted by our researchers in iZOOlogic, we discovered that a hacker under the username of ‘unvisible’ is advertising and selling the database of teachers from Uganda on a popular hacking forum. These compromised data of the Ugandan teachers came from the TMIS or Teacher Management Information System website...Continue Reading
Malicious threat actors are utilising a newly uncovered malware called SessionManager, which can backdoor the servers of Microsoft Exchange. The targeted servers belonged to military and government companies based in the Middle East, Asia, Africa, and Europe. According to the researchers, the SessionManager was first spotted by them in a recent campaign this year. The...Continue Reading
Several cybercriminal groups are taking advantage of the current Monkeypox outbreaks to deceive concerned victims into providing their data and critical information. Monkeypox has been a hot topic these past few months as it gives similar concerns to the COVID-19 virus. For this reason, several threat actors use this potential threat to make their attacks...Continue Reading
Prominent security researchers recently disclosed a security incident in a Ugandan stock exchange firm, Uganda Securities Exchange (USE), that involved the firm being caught leaking their customers’ and partner companies’ highly confidential information. The security incident happened upon a researcher’s routine scan of misconfigured databases within the Shodan search engine platform. During the scan, a...Continue Reading
Cybercriminals are trying to maximize their monetary profits, especially through mobile malware, as their attacks surface expands. Each year, the rise of the mobile malware rate has made cybercriminals more eager to abuse the opportunity. The malicious codes used for mobile attacks offer powerful features adopted by threat actors worldwide. Based on the latest statistic...Continue Reading
The Iranian sponsored cyber threat group, known as Lyceum, has recently attacked telecommunication service providers and ISPs in Africa and the Middle East using upgraded malware. Also, Saudi Arabia, Tunisia, and Morocco are all targeted by the Iranian threat group, but Israel is still ranked as the most attacked country of Lyceum. In the most...Continue Reading
Cybersecurity leaders have conducted a study that shows the alarming hike of domain name system (DNS) attacks against organisations for 2021. The survey result revealed that within the past 12 months, 72% of participants had experienced a DNS cyberattack. 61% of victimised organisations have suffered from multiple attacks, while 11% are attacked regularly. In terms of cyberattack recovery, one-third of the respondents said...Continue Reading
A Russian cybercrime group is using a modified Excel document for a ransomware campaign called MirrorBlast. MirrorBlast deploys a weaponized Excel document against several financial service organizations. The most notable capability of MirrorBlast is the stealthy attribute that resulted in a low detection rate of the campaign’s malicious Excel documents. The creators of these documents have...Continue Reading
The ransomware actors behind the destructive malware called TrickBot have appeared again. It is now equipped with new strategies designed to increase its foundation by expanding its dispensation channels. The expansion is to deploy another ransomware called Conti. According to a report, the orchestrator of this expansion is the ransomware gang known as Wizard Spider or ITG23. They have been identified to...Continue Reading
