Several months after security analysts found the critical zero-day flaw under the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch...Continue Reading
A security flaw was found within Google’s VirusTotal platform, allowing threat actors to exploit it to accomplish remote code execution or RCE via the unpatched third-party sandboxing machines employing anti-virus applications. The vulnerability was fixed immediately after being discovered. VirusTotal is a malware-scanning platform under Google’s security subsidiary that investigates suspicious links, domains, and files...Continue Reading
Catalan-based journalists, politicians, and activists are the newest targets of a zero-click exploit on iPhone’s iMessage app utilised to install spyware under the NSO Group. As dubbed by experts, HOMAGE is a zero-click vulnerability that impacts iOS version 13.2. The HOMAGE exploit is abused by threat operators to target people with the Pegasus spyware, alongside...Continue Reading
The JSSLoader remote access trojan (RAT) propagates using Microsoft Excel add-ins during their attacks. Researchers attributed the newly discovered threat campaign to the Russian FIN7 threat group and have been actively circulating in the wild since December two years ago. The attack campaign uses a new and more elusive variant of JSSLoader. Its threat operators...Continue Reading
A new phishing strategy enables threat actors to bypass the multi-factor authentication (MFA) functionality using a new phishing technique that involves discreetly having targets log into their account on an attacker-operated server via remote access software. Based on reports, a researcher performed a pen-testing for an organisation and accidentally found a phishing activity on the...Continue Reading
Recent reports revealed how Google Drive became the most exploited function that threat actors used for spreading malicious payloads. Based on data gathered by researchers, about half of all malicious Office documents spread globally were distributed by threat actors using Google Drive. The result of the report is based on a recent study that covers...Continue Reading
A state-backed cybercriminal group called OceanLotus, also known as APT32, exploits the web archive file format to avoid detection from security solutions while distributing malware to intrude in target devices. The recent report of a cybersecurity researcher claims that the state-sponsored hackers are actively utilising the web archive files [.]MHTML, and [.]MHT for its campaign....Continue Reading
Even Google Docs has not been spared from being abused in cyberattacks, as researchers found that threat actors are exploiting its commenting feature to execute phishing attacks since December last year. Many employees globally are familiar with how Google Docs email alerts work. Receiving such alerts on their Gmail accounts might make them curious to...Continue Reading
The Firefox 94 browser has recently undergone an issue wherein people’s usernames and passwords were recorded in the Cloud Clipboard feature of Windows. Nonetheless, Mozilla has released a patch into this issue, categorizing it as a severe security risk that can expose users’ credentials to threat actors as they copy or cut their usernames and...Continue Reading
Researchers have discovered several compromised Node Package Manager (NPM) packages trying to hijack and steal Discord tokens. Discord is a growing chat app with about 350 million users globally. However, due to this popularity, this chat application caught the attention of numerous malicious threat actors. Recently, security researchers have identified 17 distinct malicious packages in...Continue Reading