'

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744. This flaw assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution. CVE-2024-6744: A Critical Vulnerability According to the Twcert report, the vulnerability resides in the Secure Email Gateway’s SMTP Listener component, specifically … Read more

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware.  Based on a preexisting RAT (Remote Access Trojan) called Dendroid, GuardZoo grants attackers remote control over the infected … Read more

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Airlines often become the target of hackers as they contain sensitive personal and financial details of passengers as well as travel schedules and loyalty programs. Since airlines are attractive to threat actors, disrupting their operations can be quite damaging to their economic and reputational statuses. Cybersecurity researchers at BlackBerry discovered that in Latin America, an … Read more

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised Samba shares.  Initially a human-operated command-and-control infrastructure, DarkGate has evolved into a versatile tool offering remote access, crypto mining, and other malicious functionalities.  The malware has been actively distributed across North … Read more

Beware Of Weaponized EBooks That Deliver AsyncRAT

Beware Of Weaponized EBooks That Deliver AsyncRAT

EBooks are popular, and their popularity lucrative threat actors the most, as they are widely shared digital assets that can easily circumvent security measures.  Threat actors exploit users’ trust in seemingly harmless documents by embedding malware in eBook files or disguising malicious code as legitimate eBooks. ASEC researchers reported that AsyncRAT distribution is via multiple … Read more

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing the sensitive information of millions of its customers. The breach, which Brainstack, mSpy’s parent company, has not publicly acknowledged, has raised serious concerns about spyware applications’ security and ethical implications. The Extent of the Breach mSpy Customers’ Locations The breach, first … Read more

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has recently been the victim of a cyber attack. The breach, which occurred on April 14, 2024, was discovered on June 10, 2024, and has compromised the personal information of over 2.3 million users, including 13,858 residents of Maine. Ethan Steiger, the … Read more

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery, dubbed the “ClickFix” infection chain. This novel attack strategy leverages advanced social engineering techniques to manipulate unsuspecting users into executing malicious scripts, leading to severe security breaches. This article delves into the intricacies of the ClickFix method, its implications, and the … Read more

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept and modify transactions, allowing hackers to drain bank accounts or make unauthorized purchases. BlackBerry cybersecurity researchers recently detected that the Coyote banking trojan has been actively attacking Windows users to steal login details. Coyote is an advanced .NET Trojan horse focusing … Read more