A critical unauthenticated RCE (remote code execution) flaw has impacted 29 models of DrayTek’s business routers in the Vigor series, tracked as CVE-2022-32548 with a CVSS score of 10. Reports reveal that user interaction and credentials are unnecessary for a threat actor to exploit the flaw. Attackers could easily perform attacks against the impacted business...
The latest study of cybercriminals’ use of imitation apps to propagate cybercrime found that these malicious activities have increased over time. Because people trust many of the applications they use in their daily lives online, cybercriminals leverage that trust to execute their ill-intended plans. One of the most deployed tactics is threat...
Researchers released an advisory about threat actors that employ a new phishing operation, which attempts to pressure their targets into making a quick decision. This advisory shows threat actors devising new techniques to make their illegal activities more profitable. According to reports, this credential stealing campaign has been discovered by researchers recently, portraying itself as...
The notorious ALPHV (aka BlackCat) ransomware gang has claimed a new cyberattack against Creos Luxembourg S.A., a European electricity and gas pipeline firm. As reported by the firm’s owner and operator, Encevo, the attack transpired last July 25. The gas pipeline firm had not suffered operational disruptions, although the...
The Adrastea hacking group claimed they had hacked a massive Europe-based multinational missile manufacturer called MBDA. The company was formed when three of Europe’s biggest missile systems firms merged. These three distinct companies are from France (Aerospatiale), the United Kingdom (BAE Systems), and Italy (Finmeccanica). According to analysts, the threat actors that represent Adrastea...
Germany-based semiconductor manufacturing firm Semikron disclosed in a recent report a ransomware attack that compromised and encrypted its network. Semikron is one of the major power engineering manufacturers worldwide, implying the massive effect of the issue on its operations. With more than 3,000 staff across different countries, such as Brazil, China, France, and...
Researchers eyeing devices that utilise Linux operating systems have spotted the Lightning Framework malware. Based on reports, this malware was unknown to many until a research group analysed a sample rootkit. The newly discovered framework can be used to backdoor machines that employ SSH and spread several types of rootkits. Moreover, Lightning Framework forms modular...
A cybersecurity expert has published an advisory regarding a newly emerged supply chain attack method in which threat actors use fake commit metadata to authenticate compromised GitHub archives. The researchers explained that “Commits” are a critical part of the GitHub system and contain a unique ID or hash. Additionally, the purpose of these parts in...
Cybersecurity researchers have spotted the CosmicStrand malware in Gigabyte and ASUS motherboards. CosmicStrand is a new strain of UEFI rootkit that is becoming a trend among China-based threat groups. Chinese-speaking threat actors utilised the well-known rootkit since at least 2016 to infect targets in Russia, China, Iran, and Vietnam. CosmicStrand has been...
A peculiar malware backdoor called GoMet has been utilised by threat actors in a campaign that targets big-time Ukrainian software development firms. Cybersecurity researchers firmly believe that these new attacks came from Russia and were executed by its state-sponsored threat groups. GoMet is a standard piece of software coded in the Go programming language (Golang)...