Tag Sophos

North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack

A recent cybersecurity incident involving a North Korean state-sponsored group known as Diamond Sleet has emerged as a significant threat to businesses. This group has been distributing a compromised version of a legitimate application developed by the Taiwanese company CyberLink, leveraging a supply chain attack to target downstream customers. According…


CACTUS Ransomware Targets Qlik Sense Vulnerabilities in Focused Attacks

Recent CACTUS Ransomware Campaign Targets Qlik Sense Vulnerabilities

A new ransomware campaign, identified as CACTUS, has been leveraging recently revealed security vulnerabilities within Qlik Sense, a cloud analytics and business intelligence platform. This operation has sparked significant concern among cybersecurity experts, marking the first known use of these vulnerabilities by…


Gootkit RAT Leverages SEO Tactics for Malware Distribution via Compromised Websites

The Gootkit malware framework, which has been recognized for distributing banking Trojans, has recently undergone significant enhancements that enable it to deliver a broader spectrum of malicious software, including ransomware variants. According to researchers from Sophos, Gabor Szappanos and Andrew Brandt, the Gootkit malware family has been in existence for…


Microsoft Exchange Cyber Attack: Current Insights and Updates

On Friday, Microsoft issued a grave warning regarding the active exploitation of vulnerabilities in unpatched Microsoft Exchange Servers affecting numerous organizations globally. The cyberattack campaigns reportedly compromise tens of thousands of businesses and government bodies across the United States, Europe, and Asia. The company’s security team reported a significant escalation…


Microsoft Addresses 149 Vulnerabilities in Major April Patch Update, Including Zero-Day Exploits

In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…


Hunting Unpatched Microsoft Exchange Servers: The Threat of Black Kingdom Ransomware

Following Microsoft’s recent release of a mitigation tool aimed at addressing cyberattacks targeting on-premises Exchange servers, the company reported that 92% of the internet-facing servers affected by the ProxyLogon vulnerabilities have been patched. This marks a substantial improvement of 43% from the previous week, closing a tumultuous period rife with…


Microsoft Releases Security Update Addressing 118 Vulnerabilities, Including Two Under Active Exploitation

Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
