Recent cybersecurity investigations have revealed that hackers believed to be affiliated with Iran are intensively targeting academic institutions, government bodies, and tourism organizations throughout the Middle East and its neighboring countries. This campaign appears to be focused on espionage and data theft. Trend Micro has named this operation “Earth Vetala,”…
Threat actors notorious for their discreet operations often take extended breaks to avoid detection and continuously enhance their toolkit to slip under the radar of various cybersecurity protections. One such group, known as FIN8, is back in operation after a year-and-a-half hiatus, armed with an advanced backdoor that boasts upgraded…
On Monday, Microsoft announced the rollout of a new one-click mitigation software aimed at shielding susceptible environments from the ongoing ProxyLogon cyberattacks targeting Exchange Servers. This tool, known as the Exchange On-premises Mitigation Tool (EOMT), employs PowerShell to implement necessary countermeasures against known vulnerabilities, specifically CVE-2021-26855. It also conducts scans…
Following Microsoft’s recent release of a mitigation tool aimed at addressing cyberattacks targeting on-premises Exchange servers, the company reported that 92% of the internet-facing servers affected by the ProxyLogon vulnerabilities have been patched. This marks a substantial improvement of 43% from the previous week, closing a tumultuous period rife with…
The cybersecurity landscape was profoundly impacted by the SolarWinds attack, a sophisticated breach facilitated by the infamous Sunburst malware. This incident highlighted the vulnerability of various sectors, as attackers exploited the far-reaching SolarWinds ecosystem to access critical source code and sensitive data spanning multiple organizations, including U.S. government agencies, contractors,…
Microsoft is set to launch an update for Teams, rolling out targeted releases by early November 2025 and expected to reach a global audience by January 2026. This new feature enables users to initiate chats using only an email address, allowing for communication with recipients who do not have Teams…
A suspected nation-state actor has been detected exploiting three critical vulnerabilities in the Ivanti Cloud Service Appliance (CSA), leveraging these zero-day flaws to conduct a series of targeted cyberattacks. According to Fortinet’s FortiGuard Labs, these vulnerabilities allowed attackers to gain unauthorized access to the CSA, enumerate users, and access their…
A previously undocumented backdoor, identified as SideWalk, has recently been discovered targeting an unnamed computer retail company in the United States, linked to a persistent Chinese espionage campaign known as Grayfly. This finding raises significant concerns in the cybersecurity community regarding the growing sophistication of foreign threats. In late August,…
Recent reports indicate a sophisticated malware campaign that is specifically targeting entities in Afghanistan and India. This campaign exploits a decades-old vulnerability in Microsoft Office, identified as CVE-2017-11882, which has since been patched. The vulnerabilities allow adversaries to deploy remote access trojans (RATs), granting them total control over infected systems.…
