Emerging Threat: Fileless Ransomware “Sorebrect” Targets Enterprises Cybercriminals are evolving, leveraging increasingly sophisticated tactics to execute attacks. A recent report highlights the emergence of a fileless ransomware strain known as “Sorebrect.” Unlike traditional ransomware, which often relies on files to infect systems, Sorebrect injects malicious code directly into legitimate processes,…
Major Cyber Espionage Campaign Identified, Targeting Government and Academic Sectors Security analysts have uncovered a significant cyber espionage initiative primarily directed at personnel within government, defense, and academic institutions across various nations. This campaign is attributed to a threat group connected to Iran, with comprehensive findings detailed in a report…
In recent developments within the cybersecurity landscape, a noteworthy malware campaign has emerged, capitalizing on a previously reported vulnerability in Microsoft Office. This particular flaw, identified as CVE-2017-0199, relates to the Windows Object Linking and Embedding (OLE) interface. Although Microsoft issued a patch addressing this vulnerability earlier this year, threat…
In its March 2023 Patch Tuesday update, Microsoft disclosed fixes for 80 security vulnerabilities, two of which have been actively exploited in the wild. These vulnerabilities target critical components within the Microsoft ecosystem, with eight categorized as Critical, 71 as Important, and one as Moderate in severity. This update continues…
New Macro Malware Threat Targets Microsoft Office Users Recently, a cybersecurity researcher revealed a significant security flaw affecting all versions of Microsoft Office that permits the creation and propagation of macro-based self-replicating malware. This vulnerability allows attackers to generate malicious macros that can reproduce themselves and infect other documents, a…
Teenager Arrested Following Exploitation of Heartbleed Vulnerability in Canadian Cyber Breach A significant cybersecurity incident has led to the arrest of a 19-year-old individual in Canada, connected to a severe breach of the country’s taxpayer system. The Royal Canadian Mounted Police (RCMP) have charged Stephen Arthuro Solis-Reyes, from London, Ontario,…
Print management software provider PaperCut has issued a warning indicating that unpatched servers are being actively exploited in the wild. This alarming announcement follows two vulnerability reports from cybersecurity firm Trend Micro, which highlight significant security lapses within the PaperCut software. According to PaperCut, an analysis of customer reports revealed…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified and added three security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting concerns over active exploitation. These vulnerabilities pose significant risks to various systems and require immediate attention from cybersecurity professionals. The first vulnerability, CVE-2023-1389, carries a CVSS score…
New Ransomware CACTUS Exploits VPN Vulnerabilities in Ongoing Cyber Attacks Cybersecurity researchers have identified a new strain of ransomware, dubbed CACTUS, which exploits known vulnerabilities in VPN appliances to gain entry into targeted networks. This ransomware variant has primarily targeted large commercial enterprises since its emergence in March 2023. Upon…
