Tag Microsoft

Popular Android Apps, Including Xiaomi and WPS Office, Exposed to File Overwrite Vulnerability

Several widely used Android applications on the Google Play Store have been found vulnerable to a path traversal flaw known as the “Dirty Stream” attack. This flaw could enable malicious applications to overwrite files within the affected apps’ home directories. According to Dimitrios Valsamaras from the Microsoft Threat Intelligence…


Gaza-Related Cyber Threat Actor Aims at Israeli Energy and Defense Industries

Cyber Attacks Linked to Gaza-Based Threat Actor Targeting Israeli Organizations

A recent series of cyber attacks has been traced back to a threat actor based in Gaza, primarily focusing on Israeli private-sector entities in the energy, defense, and telecommunications sectors. Findings were disclosed by Microsoft in its fourth annual Digital…


Russian Cozy Bear Hackers Target Critical Sectors Using Microsoft and AWS Phishing Tactics

Cozy Bear, a hacking group linked to the Russian government, is executing a new phishing campaign that is impacting over 100 organizations worldwide. Utilizing sophisticated tactics, the attackers are employing signed Remote Desktop Protocol (RDP) files disguised as legitimate documents to establish remote access and extract sensitive information. Organizations should…


FBI and CISA Alert on Increasing AvosLocker Ransomware Threats Targeting Critical Infrastructure

An alarming trend has emerged as the AvosLocker ransomware group has been implicated in attacks targeting crucial infrastructure sectors across the United States, with some incidents surfacing as recently as May 2023. This information comes from a comprehensive cybersecurity advisory jointly issued by the U.S. Cybersecurity and Infrastructure Security Agency…


Thousands of Compromised TP-Link Routers Exploit Years-Long Account Takeover Campaigns

A significant cybersecurity threat has emerged involving a botnet orchestrated by hackers linked to the Chinese government. This network, comprised of thousands of compromised routers, cameras, and other Internet-connected devices, has been employed to execute sophisticated password spray attacks targeted at users of Microsoft’s Azure cloud service. The warning about…


Exploitation of MS Exchange Server Vulnerabilities to Deploy Keyloggers in Targeted Attacks

In recent developments, a previously unidentified threat actor has been leveraging existing security vulnerabilities in Microsoft Exchange Server to deploy keylogger malware, with targets primarily located in Africa and the Middle East. This alarming trend was highlighted by Positive Technologies, a Russian cybersecurity firm, which reports over 30 victims, including…


Chinese Hackers Employ Quad7 Botnet for Credential Theft

Hackers Exploiting Password Spraying Techniques Target Microsoft Accounts

In a recently issued alert, Microsoft has warned of ongoing password spraying attacks orchestrated by multiple Chinese hacking groups utilizing a botnet known as Quad7. Named after a TCP routing port number, this botnet is comprised of approximately 8,000 compromised devices, predominantly…
