Several sectors in South Korea, including industrial, healthcare, and pharmaceutical institutions, are the recent targets of a new ransomware strain dubbed GwisinLocker. Reports explain that the new ransomware attacks Windows and Linux computers in these sectors. Security analysts are convinced that the threat operators behind the ransomware are Korean entities, given their strong...
Malicious threat actors are utilising a newly uncovered malware called SessionManager, which can backdoor Microsoft Exchange servers. The targeted servers belonged to military and government companies based in the Middle East, Asia, Africa, and Europe. According to the researchers, they first spotted SessionManager in a recent campaign this year. The...
Cryptocurrency trading in India remains a popular avenue for traders in the country to invest. However, researchers found that this prevalence comes with a price, as many traders still fall victim to cryptocurrency scams. Dubbed ‘CoinEgg,’ this new crypto scam has swindled over ₹1,000 crores from investors in the country, which involved threat actors using...
An India-based online document verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...
A Sydney-based trading company, ACY Securities, has accidentally exposed its users’ and businesses’ financial and personal data publicly online. However, the company played down the issue, stating that the exposed dataset was a minor problem. The current exposure of the database owned by ACY Securities is due to a misconfigured database. The...
Telecom service providers in Central Asia are the newest targets of a China-based cyberespionage group dubbed Moshen Dragon, after cybersecurity experts detected new waves of malicious activity from the group. Security researchers found some common ground between Moshen Dragon and other threat groups like Nomad Panda and RedFoxtrot since they have all utilised similar malware variants...
A North Korean state-sponsored threat group called APT37 has been discovered targeting journalists specialising in the Korean republic using the GoldBackdoor malware. Reports stated that the threat actors distribute the malware through several phishing campaigns. A researcher discovered the attack and immediately contacted a malware expert for assistance and analysis last month. The malware expert...
An advanced persistent threat (APT) group known as Cicada or APT10 has widened its targeting from only Japanese enterprises, where it first started, to a wide range of new countries so that it can conduct more widespread espionage attacks. The Chinese-speaking Cicada APT group is also known by other names, such as Stone...
A Chinese espionage threat group called Storm Cloud uses custom-made malware to target macOS users based in Asia. Researchers identified the malware used by the threat actors as GIMMICK, which is a previously unknown macOS malware strain. The GIMMICK malware was found during an analysis of a cyberespionage attack in the latter parts of last...
Researchers discovered a malicious threat campaign targeting unpatched Microsoft SQL servers on the web. The threat actors distribute Cobalt Strike Beacons to hosts that still run unpatched SQL servers, and eye poorly managed public-facing Microsoft SQL servers to use for further widespread infection across cyberspace. Moreover, the intrusions involve scanning port 1433...