Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations […]
Researcher discovered a high-severity flaw in Shopify e-commerce platform that could have been abused to expose the traffic and revenue data for the stores. Bug bounty hunter Ayoub Fathi. discovered a vulnerability in a Shopify API endpoint that could be exploited to leak the revenue and traffic data of thousands of stores. The Shopify platform […]
Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. Phishing attacks carried out by injecting malicious content in legitimate traffic are difficult to detect when attackers use an embedded browser framework or any other automated tool for authentication. For example, the embedded […]
Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan have disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as OilRig, APT34, and HelixKitten. OilRig is an Iran-linked APT group that has been […]
A ransomware attack knocked the Weather Channel off the air for at least 90 minutes Thursday morning, federal law enforcement are investigating the incident.A ranomware attack knocked the Weather Channel off the air for at least 90 minutes Thursday morning, federal law enforcement are investigating the incident. A cyber attack hit the Weather Channel and […]
Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute arbitrary code and to trigger DoS. According to a DHS/CISA alert and a CERT/CC vulnerability note, Broadcom WiFi chipset drivers are affected by security vulnerabilities impacting multiple operating systems. The flaws could be exploited to remotely execute arbitrary […]
Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. Security researchers at Palo Alto Networks reported that Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. OilRig is an Iran-linked APT group that has been […]
In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction The uncertain attribution of the Ukrainian themed malicious document discussed in our past article âAPT28 and Upcoming Elections: Possible Interference Signalsâ, led us to a review of Sofacyâs phishing techniques to confirm or […]
Electronic Arts (EA) has fixed a security issue in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. Electronic Arts (EA) has addressed a vulnerability in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. […]
A database belonging to the Indian local search service JustDial was left online without protection exposing personal data of over 100M users. The archive is still leaking personally identifiable information of more than JustDial customers that are accessing the service via its website, mobile app, or even by calling on the customer care number (“88888 […]