Threat groups leaking stolen databases have been widespread across the dark web landscape. One includes the WeLeak Database group observed by researchers from iZOOlogic to remain active, specifically on their Telegram channel with over 12,000 subscribers. The WeLeak Database group has set up their Telegram channel to provide massive database dumps for the public and...Continue Reading
A critical vulnerability tracked CVE-2022-27511 that affected the Citrix Application Delivery Management (ADM) technology has now been patched. The said flaw allows threat actors to reset administrators’ passwords remotely. Citrix’s Application Delivery and Management (ADM) solution is a web-based technology for its users to easily manage all Citrix-related cloud or on-premise deployments, including ADC MPX,...Continue Reading
A malicious group of threat actors from China exploited a zero-day abuse in Sophos firewall, which researchers classify as critical-severity. The malicious threat actors infected a company and breached their web servers hosted through a cloud. A Chinese advanced persistent threat (APT) group conducted the attack, dubbed as DriftingCloud. The adversaries have exploited a critical...Continue Reading
Microsoft’s SharePoint and OneDrive have been identified with a flaw that allows ransomware actors to encrypt files stored in the cloud applications that its users would not be able to recover without backups or obtaining decryptors from the hackers. In this attack, the threat operators could leverage the two applications’ “versioning” feature that enables users...Continue Reading
A notorious multi-functional loader called PureCrypter has been updated by its developers for better usage in cyber-attacks. Research stated that this crypter had been sold in the underground market since March last year. PureCrypter’s operators have updated their loader and added new features to run several malicious activities despite being a vector for distributing remote...Continue Reading
A Malaysian hacktivist group called Dragon Force gathers other hackers’ attention to encourage them to attack India’s information technology infrastructure with cyber-attacks. Last June, the group tweeted its intention and called its mission a “special operation.” The hacktivist group appears to be targeting the members of the Bharatiya Janata Party, a political party in India....Continue Reading
Zimbra, an email software suite, is found with a new critical flaw that threat actors can exploit to steal users’ cleartext passwords without requiring interaction with them. According to researchers, the hackers could also escalate their access to an organisation’s networks, allowing them to steal corporate information. The vulnerability is tracked as CVE-2022-27924 with a...Continue Reading
An Indian-based online documents verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...Continue Reading
Analysts released an email security advisory that shows how language-based business email compromise (BEC) attacks have become a growing trend for cybercriminals. The research discovered that nearly 75% of recent campaigns use language as the primary attack transmitter that threat actors used for their campaigns. The most utilised BEC campaigns are weaponised payloads, common business...Continue Reading
A surge of use in reverse tunnels and URL shorteners has recently been detected for wide-scale phishing campaigns, thus allowing threat actors to be stealthier in their attacks. Experts say that the recently detected malicious activity is unusual method attackers use for their phishing sites to avoid being taken down. The reverse tunnel services aid...Continue Reading
