Geriatric Microsoft Bug Exploited by APT Using Commodity RATs

Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. An APT described…

Fresh APT Harvester Reaps Telco, Government Data

The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers…

Lyceum APT Returns, This Time Targeting Tunisian Firms

The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on…

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass. A month ago, the FBI, CISA and the U.S.…

Heimdal™ Security Is a Finalist at the Computing Security Awards 2021 in Thirteen Categories

We are most delighted to announce that, after being nominated for the Network Computing Awards earlier this month, our company and solutions were also chosen as finalists in thirteen (!!!)…

In 2021, Google Issued Over 50,000 Warnings About State-sponsored Hacking Attacks.

In a blog post published yesterday, Google said that in 2021, it sent approximately 50.000 alerts to users whose accounts had been compromised by government-backed hacker gangs conducting phishing and…

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware

The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza. In…

Microsoft Kills Bug Being Exploited in MysterySnail Espionage Campaign

Microsoft’s October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers. Today is Microsoft’s…

Windows Zero-Day Actively Exploited in Widespread Espionage Campaign

The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to…

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage

The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. A rare Windows UEFI bootkit malware has been…