The TeaBot malware has been found abusing the Google Play Store as an attack vector for the second time to infect unsuspecting users. Since last year, the malware has received several upgrades to its attack chain to expand its reach and infiltrate more targets. Researchers discovered the trojan impersonating a QR code application on Google...
Cerber ransomware is making itself known again, now packed with new tools and strategies to infect its targets. Recent observations showed that the revived ransomware targets remote code execution flaws in GitLab servers and Atlassian Confluence. According to analysts, the Cerber ransomware threat group now targets different victims worldwide and utilizes both...
A botnet known as Moobot has abused a critical vulnerability in Hikvision products, which were sanctioned and banned by the United States federal government from receiving contracts for security reasons. The Moobot botnet’s infrastructure is surprisingly based on the infamous Dark Mirai (MANGA) botnet and has been distributing in the dark web’s ecosystem...
A new Delhi-based threat group reportedly strikes government agencies and defence departments of countries within South Asia, including China and Pakistan. The report’s analysis draws on the malicious attacks of a threat group dubbed “You Xiang”, which translates to “Baby Elephant”, that targets the tech and equipment sector. The study also exposed threat actors who...
Researchers from iZOOlogic have recently discovered a threat group that introduced itself on a popular dark web forum, where it claimed to be against China, contrary to what its name, “AgainstTheWest,” suggests. According to their About page on the forum website, entitled “Declaration of War on China,” they appeared to assert their opposition against...
Cybersecurity leaders have conducted a study that shows an alarming rise in domain name system (DNS) attacks against organisations in 2021. The survey result revealed that within the past 12 months, 72% of participants had experienced a DNS cyberattack. 61% of victimised organisations have suffered multiple attacks, while 11% are attacked regularly. In terms of cyberattack recovery, one-third of the respondents said...
A Thai luxury hotel chain, Centara Hotels & Resort, has recently published a statement regarding a data breach suspected of being carried out by a notorious group of threat actors behind a series of cyberattacks in the past weeks. The security team’s investigation verified that the luxury hotel chain’s system had suffered a data breach, and the threat actors were able to access some customers’...
Google has released the Android security updates for October. They address a total of 41 vulnerabilities that range between high and critical severity. On the fifth day of each month, Google releases a complete breakdown of the Android OS security patch. This also contains both framework and vendor fixes. Therefore, this update also includes the remedies for the ten...
Security experts have found a new Python ransomware campaign in which corporate systems are encrypted within three hours. According to researchers, this attack is performed by threat actors who specifically target the ESXi platform so that they can encrypt the victim’s virtual machines. This new ransomware written in Python has been deployed in only ten minutes by the threat actors who have managed...
A technique discovered last Thursday by academic institutions from the UK concerns a bypass bug in the mobile security of Visa and Apple payment processes that can result in fake contactless payments. The issue is reportedly capable of bypassing the lock screen of Apple’s iPhone to access the device’s payment services and commit fraudulent transactions...