Mimecast Acknowledges Source Code Breach Linked to SolarWinds Attack In a recent disclosure, email security firm Mimecast announced that it fell victim to the state-sponsored attackers behind the SolarWinds breach, illustrating the ongoing risks associated with sophisticated cyber threats. The incident, detailed in their findings, revealed unauthorized access to some…
Purple Fox, previously known for infecting Windows systems through various exploit kits and phishing campaigns, has evolved to include a new propagation technique that resembles worm-like behavior. Recent findings indicate a substantial uptick in its activity, with Guardicore researchers reporting a 600% increase in incidents since May 2020. This latest…
Recent research reveals that the conversion process from DOS to NT paths in Windows represents a potential exploitation vector for threat actors, enabling rootkit-like functionality that could hide and impersonate files, directories, and processes. According to Or Yair, a security researcher from SafeBreach, when users invoke functions that involve a…
On Wednesday, Facebook disclosed its efforts to dismantle cyber operations linked to two state-sponsored hacking groups based in Palestine that have exploited its platform for malware distribution. These activities primarily originated from the Preventive Security Service (PSS), a security entity of the Palestinian Authority, and a group identified as Arid…
Recent research has uncovered a security glitch in Zoom’s screen sharing feature that could inadvertently expose sensitive information to participants during video calls. This vulnerability, designated as CVE-2021-28133, is notable as it remains unpatched, enabling the possibility of revealing contents from applications not actively being shared, albeit for only brief…
In a significant crackdown on cybercriminal activity, Emotet, a widely recognized email-based Windows malware, has been systematically eradicated from infected systems worldwide following an extensive European law enforcement operation. This follows the efforts of “Operation Ladybird,” launched three months prior, which aimed to dismantle the infrastructure supporting Emotet’s dangerous botnet…
Phishing Campaigns Targeting Booking.com Users Raise Security Concerns Recent reports highlight a sophisticated phishing campaign aimed primarily at Windows users, as detailed by cybersecurity experts. The attackers exploit compromised accounts from hotels listed on Booking.com or similar online travel services. By leveraging the sensitive information available in these accounts, they…
Recent developments have emerged concerning a Python-based “self-replicating, polymorphic bot” known as Necro. These upgrades appear designed to enhance its ability to infiltrate vulnerable systems and evade detection. Initially reported earlier this year, the bot now showcases significant modifications, including various command-and-control (C2) communication techniques and the addition of new…
A recent malware campaign has been uncovered, targeting South Korean organizations, specifically attributed to the North Korean hacking group Andariel. This development highlights the ongoing evolution of tactics employed by state-sponsored actors, particularly within the Lazarus Group, which has been consistently adapting its methodologies to enhance operational effectiveness. Kaspersky, a…
