South Asia

South Asia Page 1

Chinese Hackers APT Threat Group Winnti Threat Campaign Operation CuckooBees Malware

Chinese APT group, Winnti, is back with a new threat campaign

Researchers discovered a new attack campaign attributed to the Chinese-sponsored advanced persistent threat group known as Winnti. Based on reports, the recently discovered campaign remained undetected for several years. The researchers called the campaign ‘Operation CuckooBees’, which leveraged a past undocumented malware and stole confidential trade data from several organisations worldwide. An incident response team...
Continue Reading
Sysrv Botnet Flaw Abuse Vulnerability Windows Linux Web Servers CMS Wordpress Spring Framework

Sysrv botnet abuses flaws found in Windows and Linux servers

Critical flaws are found in Java’s Spring Framework and WordPress CMS, allowing the Sysrv botnet to exploit them and deploy malware on compromised Windows and Linux servers. The botnet was found with a new upgraded variant, Sysrv-K, capable of scanning unpatched Spring and WordPress deployments. According to researchers, the new variant of the Sysrv botnet...
Continue Reading
Cyber Security Experts Critical Flaw F5 BIG-IP Network Devices RCE Vulnerability

Security experts found a critical flaw in F5 BIG-IP devices

According to researchers, the F5 BIG-IP currently has a remote code execution (RCE) vulnerability that can enable threat actors to conduct numerous exploits. The F5 BIG-IP device users are warned to apply the latest security patch to avoid being a target. F5 has disclosed a critical remote code execution flaw tracked by researchers as CVE-2022-1388...
Continue Reading
Fake Job Offers NFT Artists Attack Vector Infostealer Malware Fraud Prevention Social Engineering

Fake job offers for NFT artists vector to spread infostealer malware

A new infostealer campaign that targets NFT artists has been discovered circulating in the non-fungible token landscape. In Japan, the users of creator-oriented online platforms such as Pixiv and DeviantArt are getting phoney job offers that contain messages from individuals that impersonate Cyberpunk APE executives’ NFTs. Researchers indicated that these new baits spread across the...
Continue Reading
Researchers Critical Vulnerability dotCMS Content Management System RCE

Researchers discovered a critical vulnerability in dotCMS

A pre-authenticated remote code execution (RCE) flaw was discovered inside the dotCMS, a source content management system. The system is coded in Java and has several users that reach about 10,000 individuals across over 70 countries globally. Fortune 500 brands and average-sized businesses comprise these.   The vulnerability in the dotCMS could allow RCE if...
Continue Reading
Cybersecurity Malware Loader Bumblebee BazarLoader Backdoor Threat Actors Cyberthreat

Researchers discovered a new malware loader dubbed Bumblebee

A newly discovered malware loader, called Bumblebee, has been identified by cybersecurity researchers as being utilised by roughly three separate threat groups connected with ransomware operations. Experts assumed that the Bumblebee was created by its operators to become a substitute for the BazarLoader backdoor. They also claimed that there is a high possibility that the...
Continue Reading
Experts Rapid Network Cyberattack Quantum Ransomware IcedID Malware Cobalt Strike

Experts found a rapid network attack done by the Quantum ransomware

A ransomware strain first found in August 2021 called the Quantum ransomware was observed launching attacks that experts described as speedy as its progress seems to escalate quickly in a targeted network before installed security defenders could detect and conduct measures. According to the research analysis, the described ransomware attack only needs over three hours...
Continue Reading
Cyber Security Researchers Night Sky Ransomware Log4Shell Critical Flaw Rook

Security researchers revealed further details on the Night Sky ransomware

A detailed report regarding the behaviour of the Night Sky ransomware was revealed recently, emphasising its new tactic of executing double extortion to its victims. The ransomware samples were first found at the beginning of 2022 during a short cyberattack that targeted two victims from Japan and Bangladesh. The researchers found developed executables in the...
Continue Reading
2021 Record High Zero Day Exploit Vulnerability Cyberattacks Cyber Threat Google

2021 marked record-high zero-day exploits hit, as per analysts

Record-high zero-day exploits had been recorded for 2021 after security analysts in Google disclosed their findings regarding the threat. The researchers also added that last year’s record of zero-day exploits is the most ever detected for a year — with 58 cases found — since they began hunting in 2014. Furthermore, analysts were alarmed with...
Continue Reading
Hackers QR Codes Data Theft Qshing Cyberattacks Phishing

Hackers exploit QR codes to steal from victims via Qshing attacks

As convenient as the QR codes for its users worldwide, the tool is also currently being exploited for cybercrimes. Many threat actors abuse QR codes to deploy Qshing attacks or QR code phishing to steal sensitive info and money from victims or spread malware by tampering with it. The QR code technology was initially intended for quickly...
Continue Reading
1 2 3 17