Third Party Risk Assessment


The Log4j flaw still exposes thousands of devices to cyberattacks

Several months after security analysts found the critical zero-day flaw in the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch...

A third-party AV flaw on VirusTotal triggering RCE exploit gets patched

A security flaw was found within Google’s VirusTotal platform, allowing threat actors to exploit it to accomplish remote code execution or RCE via the unpatched third-party sandboxing machines employing anti-virus applications. The vulnerability was fixed immediately after being discovered. VirusTotal is a malware-scanning platform under Google’s security subsidiary that investigates suspicious links, domains, and files...

HOMAGE exploit discovered targeting iOS users from Catalonia

Catalonia-based journalists, politicians, and activists are the newest targets of a zero-click exploit on iPhone’s iMessage app utilised to install spyware from the NSO Group. As dubbed by experts, HOMAGE is a zero-click vulnerability that impacts iOS version 13.2. The HOMAGE exploit is abused by threat operators to target people with the Pegasus spyware, alongside...

JSSLoader utilised MS Excel add-ins to bypass security detection

The JSSLoader remote access trojan (RAT) propagates using Microsoft Excel add-ins during its attacks. Researchers attributed the newly discovered threat campaign to the Russian FIN7 threat group, and it has been actively circulating in the wild since December two years ago. The attack campaign uses a new and more elusive variant of JSSLoader. Its threat operators...

Hackers used remote access software for phishing campaigns

A new phishing technique enables threat actors to bypass multi-factor authentication (MFA) by discreetly having targets log into their account on an attacker-operated server via remote access software. Based on reports, a researcher performed a penetration test for an organisation and accidentally found a phishing activity on the...

Google Drive has become the most efficient vector for malicious downloads

Recent reports revealed how Google Drive became the most exploited function that threat actors used for spreading malicious payloads. Based on data gathered by researchers, about half of all malicious Office documents spread globally were distributed by threat actors using Google Drive. The result of the report is based on a recent study that covers...

Web archive file exploited by OceanLotus to spread malware

A state-backed cybercriminal group called OceanLotus, also known as APT32, exploits the web archive file format to avoid detection by security solutions while distributing malware to intrude into target devices. The recent report of a cybersecurity researcher claims that the state-sponsored hackers are actively utilising the web archive files [.]MHTML and [.]MHT for their campaign....

Threat actors abuse Google Docs to spread phishing attacks

Even Google Docs has not been spared from being abused in cyberattacks, as researchers found that threat actors have been exploiting its commenting feature to execute phishing attacks since December last year. Many employees globally are familiar with how Google Docs email alerts work. Receiving such alerts on their Gmail accounts might make them curious to...

Mozilla details the Firefox 94 patch related to Windows Cloud Clipboard

The Firefox 94 browser recently had an issue in which people’s usernames and passwords were recorded in the Cloud Clipboard feature of Windows. Mozilla has released a patch for this issue, categorizing it as a severe security risk that can expose users’ credentials to threat actors as they copy or cut their usernames and...

Compromised NPM packages now a vector for stealing Discord Tokens

Researchers have discovered several compromised Node Package Manager (NPM) packages trying to hijack and steal Discord tokens. Discord is a growing chat app with about 350 million users globally. However, due to this popularity, this chat application caught the attention of numerous malicious threat actors. Recently, security researchers have identified 17 distinct malicious packages in...