Tag: Cobalt Strike

Black Basta Ransomware Targets Over 500 Organizations in North America, Europe, and Australia

Black Basta Ransomware Targets Critical Infrastructure Globally

The Black Basta ransomware-as-a-service (RaaS) group has made a significant impact since its inception in April 2022, successfully compromising over 500 private and critical infrastructure entities across North America, Europe, and Australia. Recent joint advisories released by leading cybersecurity authorities, including the Cybersecurity…

Malicious Advertisers Exploit Google Ads to Target Users Seeking Popular Software

Emerging Malvertising Campaign Exploits Google Ads for Targeted Attacks

Recent reports have unveiled a sophisticated malvertising campaign leveraging Google Ads to mislead users searching for popular software. This campaign not only directs these users to deceptive landing pages but also facilitates the distribution of further malicious payloads, posing a significant…

New Attack Method Exploits Microsoft Management Console Files

Recent cybersecurity analyses have revealed a sophisticated attack method being leveraged by threat actors, specifically utilizing specially engineered Microsoft Management Console (MMC) saved console (MSC) files. This technique allows malicious entities to execute arbitrary code, thereby circumventing existing security measures. The discovery was detailed by Elastic Security Labs, which has…

Hackers Target Ivanti VPN Vulnerabilities to Distribute KrustyLoader Malware

Recently reported zero-day vulnerabilities in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been actively exploited to deploy a Rust-based payload known as KrustyLoader. This malicious software component is specifically designed to install the open-source Sliver adversary simulation tool, which has gained traction among threat actors. The security…

Experts Uncover Three Chinese-Linked Groups Responsible for Cyberattacks in Southeast Asia

In a concerning resurgence of cyber espionage, a newly identified operation linked to Chinese state-sponsored groups, codenamed Crimson Palace, has been detected targeting multiple government entities across Southeast Asia. This resurgence suggests a notable escalation in the scope of state-directed cyber intrusions, raising significant alarms among regional cybersecurity experts. Cybersecurity…

Ransomware Groups Exploit VMware ESXi Vulnerability for Administrator Access

A recently identified vulnerability in VMware ESXi hypervisors has been under active exploitation by several ransomware groups, raising significant concerns among cybersecurity experts. The flaw, detailed under CVE-2024-37085 and assigned a CVSS score of 6.8, enables attackers to bypass Active Directory integration authentication, thus granting them illicit administrative access to…

Cybercriminals Deploy MS Excel Macro to Execute Multi-Stage Malware Attack in Ukraine

Sophisticated Cyber Attack Targets Ukraine with Cobalt Strike Payload

A recent surge in sophisticated cyber attacks has seen endpoints located in Ukraine specifically targeted for the deployment of the notorious Cobalt Strike malware, raising concerns among cybersecurity experts. According to researchers from Fortinet’s FortiGuard Labs, the attack mechanism begins…

SPECTR Malware Aims at Ukrainian Defense Forces in SickSync Operation

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a critical alert regarding a resurgence of cyber attacks specifically targeting the country’s defense forces. These attacks employ a malware known as SPECTR as part of a broader espionage campaign identified as SickSync. The agency has linked these malicious activities…

Israeli Organizations Under Cyberattack Utilizing Donut and Sliver Frameworks

Cyberattack Campaign Targets Israeli Entities Using Open-Source Tools

Cybersecurity analysts have unearthed a sophisticated attack campaign directed at various entities within Israel, utilizing publicly available frameworks such as Donut and Sliver. HarfangLab, a cybersecurity research firm, detailed the operation in a report last week, describing it as highly targeted and…
