Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam

The attacks, in which threat actors exploited a Microsoft MSHTML vulnerability to target overseas Iranians, started in July 2021. SafeBreach Labs researchers discovered a new Iranian threat actor trying to steal…

A Microsoft MSHTML Exploited By Hackers

It seems that a newly found Iranian threat actor is stealing Google and Instagram credentials from Farsi-speaking targets all around the world, employing a new PowerShell-based stealer named PowerShortShell. The…

Files Within Password-Protected WinRAR Archives Locked by New Memento Ransomware Group

The Memento ransomware group makes its way onto the threat landscape. Their approach seems to be quite uncommon, as the threat actor group locks files in WinRAR archives protected by…

Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns

Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving. A state-backed Iranian threat actor has been using…

Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR

Both servers are using Liferay CE version 6.2, which is vulnerable to CVE-2020-7961 (possibly leading to remote code execution). Incident # 2 Similar to…

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained…

Avast Q3’21 Threat Report

Latest Avast Q3’21 Threat Report reveals elevated risk for ransomware and RAT attacks, rootkits and exploit kits return. Foreword The threat landscape is a fascinating environment…

CISA: Patch These ICS Flaws Across Multiple Vendors

The US authorities have released a new industrial control systems (ICS) alert urging impacted organizations to patch key middleware or risk denial…

Security company faces backlash for waiting 12 months to disclose Palo Alto 0-day

There has been considerable debate within the cybersecurity community about Randori, a security firm that waited one year before disclosing a critical buffer overflow bug it discovered in Palo Alto…

CISA warns of equipment vulnerabilities from multiple vendors

CISA has released a notice urging administrators to apply updates to a variety of industrial control systems after discovering vulnerabilities in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution…