Tag ESET

Experts Identify Malware Threats Targeting Corporate Networks in Latin America

New Espionage Campaign Unveiled: Targets Corporate Networks in Venezuela

On Thursday, cybersecurity researchers revealed an ongoing espionage campaign primarily aimed at corporate networks in Spanish-speaking countries, with Venezuela being the focal point. This newly identified threat, named “Bandidos” by security firm ESET, employs an enhanced variant of the notorious Bandook…


Experts Connect Sidewalk Malware Attacks to Grayfly, a Chinese Hacker Group

A previously undocumented backdoor, identified as SideWalk, has recently been discovered targeting an unnamed computer retail company in the United States, linked to a persistent Chinese espionage campaign known as Grayfly. This finding raises significant concerns in the cybersecurity community regarding the growing sophistication of foreign threats. In late August,…


New APT Hacker Group Targeting Hotels and Governments Globally

A sophisticated advanced persistent threat (APT) has been identified as the perpetrator behind a series of global cyberattacks targeting hotels, various governmental entities, international organizations, engineering firms, and law offices. This campaign has come to the attention of cybersecurity experts worldwide. The Slovak cybersecurity firm ESET has attributed these attacks…


Researchers Raise Alarm Over FontOnLake Rootkit Malware Aimed at Linux Systems

Recent findings from cybersecurity researchers have unveiled a targeted campaign likely aimed at entities in Southeast Asia utilizing a novel form of Linux malware, identified as “FontOnLake.” This malware is designed to facilitate remote access for its operators, gather credentials, and serve as a proxy server. The cybersecurity firm ESET,…


CISA Calls on Agencies to Address Critical “Array Networks” Vulnerability as Attacks Escalate

On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…


Ukraine Uncovers Gamaredon Group: Identifies Russian FSB Officers Behind Hacking Operations

Ukraine’s leading law enforcement and counterintelligence agency has revealed the identities of five individuals allegedly involved in a series of digital intrusions tied to a cyber-espionage group known as Gamaredon, with connections to Russia’s Federal Security Service (FSB). This disclosure highlights the agency’s ongoing efforts to combat cyber threats directed…


Romantic Comedy Uncovers Sophisticated Cyberattacks Targeting Zero-Day Flaws in Firefox and Windows

RomCom Exploits Zero-Day Vulnerabilities in Firefox and Windows

A sophisticated cyber operation attributed to the Russia-aligned threat actor known as RomCom has been reported, focusing on the exploitation of two zero-day vulnerabilities—one in Mozilla Firefox and another in Microsoft Windows. These attacks have been designed to deploy RomCom’s proprietary backdoor…


Hackers Exploit Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Recent cybersecurity analysis has uncovered the deployment of a newly identified binary called “Owowa,” specifically targeting Microsoft Exchange’s Outlook Web Access servers. This malicious Internet Information Services (IIS) web server module seeks to extract user credentials and facilitate remote command execution on compromised systems. The Owowa module, reportedly written in…
