HelpSystems has announced a critical out-of-band security update for its Cobalt Strike platform, addressing a remote code execution vulnerability that poses significant risks to system integrity. This vulnerability allows attackers to potentially take control of targeted systems, underscoring the ongoing challenges cybersecurity professionals face in protecting their networks. Cobalt Strike…
A significant security vulnerability known as React2Shell is currently being exploited by cybercriminals to deploy various malware strains, including KSwapDoor and ZnDoor, as reported by Palo Alto Networks’ Unit 42 and NTT Security. The exploitation of this vulnerability poses urgent risks to organizations, particularly those leveraging React and Next.js frameworks.…
Increased TrueBot Infections Target Multiple Countries Recent reports from cybersecurity experts indicate a surge in infections linked to TrueBot malware, notably affecting countries such as Mexico, Brazil, Pakistan, and the United States. The rise in these attacks highlights a shift in tactics employed by the attackers, who have transitioned from…
Major Cyber Espionage Campaign Identified, Targeting Government and Academic Sectors Security analysts have uncovered a significant cyber espionage initiative primarily directed at personnel within government, defense, and academic institutions across various nations. This campaign is attributed to a threat group connected to Iran, with comprehensive findings detailed in a report…
A newly discovered zero-day vulnerability impacting Fortra’s GoAnywhere MFT managed file transfer application is currently being exploited by cybercriminals. The details of this flaw emerged when security journalist Brian Krebs shared the information on Mastodon, although Fortra has yet to issue a public advisory regarding this incident. This vulnerability enables…
Severe Microsoft Office Vulnerability Exploited to Deliver Cobalt Malware Recently uncovered, a critical 17-year-old vulnerability in Microsoft Office is being actively exploited by threat actors to deploy backdoor malware. This vulnerability, designated as CVE-2017-11882, allows hackers to install malicious software on targeted systems without requiring any user interaction, raising significant…
In a recent security announcement, Fortra, the parent company of Cobalt Strike, disclosed a serious zero-day remote code execution (RCE) vulnerability within its GoAnywhere MFT tool. This vulnerability is reportedly being actively exploited by ransomware groups to access sensitive data. The vulnerability, designated as CVE-2023-0669 with a CVSS score of…
New Ransomware CACTUS Exploits VPN Vulnerabilities in Ongoing Cyber Attacks Cybersecurity researchers have identified a new strain of ransomware, dubbed CACTUS, which exploits known vulnerabilities in VPN appliances to gain entry into targeted networks. This ransomware variant has primarily targeted large commercial enterprises since its emergence in March 2023. Upon…
Recent alerts from cybersecurity agencies have highlighted a surge in variants of TrueBot malware, which are now actively targeting businesses in the United States and Canada. This sophisticated malware aims to infiltrate networks and extract sensitive information from compromised systems, posing a significant data breach risk. TrueBot exploits a critical…
