Geriatric Microsoft Bug Exploited by APT Using Commodity RATs

Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. An APT described…

LightBasin Operation Compromises 13 Global Telcos in Two Years

Researchers have uncovered a “highly sophisticated” two-year espionage campaign against global telcos that has already compromised 13 organizations. Dubbed “LightBasin” by…

Fresh APT Harvester Reaps Telco, Government Data

The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers…

Lyceum APT Returns, This Time Targeting Tunisian Firms

The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on…

Watch out! Attackers Can Guess Your Credit Card PIN Even If You Are Covering the ATM Pad

Security experts have shown that a special-purpose deep-learning algorithm can be instructed to guess four-digit credit card PINs 41% of the time, even when the target is trying to cover…

Red teaming tutorial: Active directory pentesting approach and tools

Infosec Institute – There are a number of tools you should use when it comes to Active Directory (AD). Inveigh and Responder as a start point. Many…

Twitter accounts linked to cyberattacks against security researchers suspended

Twitter has suspended accounts belonging to a North Korean hacking group targeting security researchers. The social media accounts, @lagal1990 and @shiftrows13, were suspended this month after “posing as security researchers,”…

TA505 Gang Is Back With Newly Polished FlawedGrace RAT

TA505 – cybercrime trailblazers with ever-evolving TTPs – have returned to mass-volume email attacks, flashing retooled malware and exotic scripting languages. The TA505 cybercrime group is whirring its financial rip-off…

PurpleFox Adds New Backdoor That Uses WebSockets

Trend Micro – In September 2021, the Trend Micro Managed XDR (MDR) team looked into suspicious activity related…

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass. A month ago, the FBI, CISA and the U.S.…