AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services Nov 08, 2024Ravie LakshmananIoT Security / Vulnerability The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. “This botnet utilizes remote code Read more…
VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware Nov 06, 2024Ravie LakshmananSaaS Security / Threat Detection An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. “Leveraging Microsoft Read more…
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services Oct 28, 2024Ravie LakshmananCloud Security / Cyber Attack A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset Read more…
Researchers discover flaws in 5 end-to-end encrypted cloud services Several major end-to-end encrypted cloud storage services contain cryptographic flaws that could lead to loss of confidentiality, file tampering, file injection and more, researchers from ETH Zurich said in a paper published this month. The five cloud services studied offer end-to-end Read more…
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks Oct 09, 2024Ravie LakshmananEnterprise Security / Identity Theft Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense Read more…
Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: An OSINT Profile of U.S Secret Service’s Most Wanted Cybercriminal Danil Potekhin In this analysis we’ll take a look at the Internet connected infrastructure of U.S Secret Service’s most wanted cybercriminal with a $10M reward Danil Potekhin using a variety Read more…
Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Read more…
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. “The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox Read more…
New Guide: How to Scale Your vCISO Services Profitably Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs Read more…
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. “These attacks all appear to Read more…