Recent disclosures from US intelligence agencies reveal an alarming resurgence of a 12-year-old strain of malware, known as “Taidoor.” This variant is believed to be employed by state-sponsored actors from China, targeting a wide array of institutions, including government bodies, corporations, and think tanks. The malware, which has been active…
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has issued an alert regarding a sophisticated malware campaign attributed to North Korean hackers targeting government contracting firms. This new threat, identified as “BLINDINGCAN,” utilizes an advanced remote access Trojan designed to create a backdoor into compromised systems. The…
In a significant update released for January 2024, Microsoft has patched a total of 48 security vulnerabilities across its software ecosystem. This month’s Patch Tuesday includes two flaws classified as Critical and 46 as Important. Notably, there are no indications that any of these vulnerabilities are being actively exploited or…
In its February 2024 Patch Tuesday updates, Microsoft has issued fixes for 73 security vulnerabilities across its software ecosystem, including two zero-day flaws currently under active exploitation. Among these vulnerabilities, five have been categorized as Critical and 65 as Important, while three have a Moderate severity rating. This release also…
A sophisticated phishing campaign observed since May 2020 has been increasingly targeting corporate leaders across various sectors, including manufacturing, real estate, finance, government, and technology. The primary objective is to extract sensitive information from these high-ranking individuals. This campaign employs social engineering techniques, specifically by sending emails that falsely notify…
A recently identified malware campaign, dubbed DarkGate, has raised alarms in the cybersecurity community. It exploits a now-patched security vulnerability in Microsoft Windows, known as CVE-2024-21412, which was used as a zero-day attack vector through fraudulent software installers. This incident was first observed in mid-January 2024, wherein attackers deceived users…
Cybersecurity firm Trend Micro recently revealed that a significant data breach involved an employee who improperly accessed personal information belonging to thousands of customers, driven by “clear criminal intent.” This insider threat occurred earlier this year, with the company taking immediate actions upon discovery. While businesses have implemented various defensive…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
Recent cybersecurity investigations have revealed that hackers believed to be affiliated with Iran are intensively targeting academic institutions, government bodies, and tourism organizations throughout the Middle East and its neighboring countries. This campaign appears to be focused on espionage and data theft. Trend Micro has named this operation “Earth Vetala,”…
