Month: January 2024

While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion [more…]

The digital world that we live in has been always facing different types of cyber attacks. Of late, there has been a spurt in ransomware [more…]

The author (of this article, not the malware), Lena (aka LambdaMamba) has decided to name this type of malware the “CrackedCantil”. The “Cracked” part comes [more…]

On 2023-12-28, the Ukrainian government computer emergency and incident response team (CERT-UA) described a malicious espionage campaign that targeted government organizations in Ukraine. CERT-UA attributed [more…]

What happened Proofpoint researchers recently identified the return of TA576, a cybercriminal threat actor that uses tax-themed lures specifically targeting accounting and finance organizations. This [more…]

On 10th January 2024, Ivanti disclosed two zero-day critical vulnerabilities affecting Connect Secure VPN products: CVE-2024-21887 and CVE-2023-46805 allowing unauthenticated remote code execution. Volexity and [more…]

As these developments unfold, CSIRT-CTI has identified two campaigns exhibiting strong indications of being connected to Stately Taurus (alias Bronze President, Camaro Dragon, Earth Preta, [more…]

In this article, we will explore the FalseFont Backdoor used by Peach Sandstorm APT to target defense contractors worldwide. The backdoor was initially identified and [more…]

This intrusion began when a threat actor gained access to an exposed RDP host. Notably, the login utilized legitimate credentials for the default Administrator account, [more…]

Since at least 2008, ITG11 has primarily targeted political, government, and military entities, likely to assist in Russian espionage against strategic rivals. To conduct long-term [more…]