Recent cybersecurity analysis has uncovered the deployment of a newly identified binary called “Owowa,” specifically targeting Microsoft Exchange’s Outlook Web Access servers. This malicious Internet Information Services (IIS) web server module seeks to extract user credentials and facilitate remote command execution on compromised systems. The Owowa module, reportedly written in…
Understanding Silverfort’s Unified Identity Protection Platform: A Comprehensive Overview In today’s evolving cybersecurity landscape, protecting an organization against identity-based attacks has become paramount. Silverfort has emerged as a key player with its Unified Identity Protection Platform, the first of its kind available in the market. This innovative platform leverages patented…
A sophisticated phishing attack has emerged, delivering the AsyncRAT trojan as part of a malware campaign believed to have started in September 2021. This campaign has raised significant concerns among cybersecurity experts due to its innovative approach and potential for widespread damage. According to Michael Dereviashkin, a security researcher at…
Scattered Lapsus$ Hunters, a notable threat group previously linked to significant data breaches, has announced that it has compromised more than one billion records from Salesforce environments across the globe. This alarming disclosure highlights the evolving complexity of cyber threats faced by organizations relying on cloud services for operational efficiency.…
New Malware Exposed as Iranian APT Group Targets Global Networks Cybersecurity agencies from the United States and the United Kingdom have revealed new malware attributed to the Iranian government-sponsored advanced persistent threat (APT) group known as MuddyWater. This malware is reported to facilitate attacks against both government and commercial networks…
A Hive ransomware incident recently targeted an unspecified organization, leveraging vulnerabilities in Microsoft Exchange Server known as “ProxyShell” to conduct a swift attack that culminated in network encryption within 72 hours of initial compromise. This information was shared by Nadav Ovadia, a security researcher from Varonis, in a detailed post-mortem…
Microsoft recently announced that it has taken action to mitigate harmful activities linked to a previously unidentified hacker group known as Polonium. This group has been exploiting OneDrive for malicious purposes, prompting Microsoft to intervene. In addition to terminating the accounts connected to this Lebanon-based group, the Microsoft Threat Intelligence…
Recent findings from cybersecurity firm Silent Push indicate that Russian ransomware groups have introduced a sophisticated new threat known as CountLoader. This malware is not merely a conventional virus; it functions as a loader, specifically designed to infiltrate devices and install more dangerous software, including ransomware. CountLoader serves as a…
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert concerning a resurgence in cyber activity from the organized criminal group known as UAC-0173. This group is reportedly employing a remote access trojan called DCRat (also referred to as DarkCrystal RAT) to infiltrate systems. This recent campaign, which…
