A malicious actor executed a rather unconventional strategy by releasing a counterfeit proof-of-concept (PoC) exploit for a newly unveiled WinRAR vulnerability on the popular code-sharing platform GitHub. The intent behind this peculiar maneuver was to compromise...
TransUnion Hacked by the Threat Actor ‘USDoD’
In a recent cybersecurity development, TransUnion, a prominent credit reporting agency, appears to be grappling with a potential data breach incident. A hacker, operating under the alias "USDoD," has allegedly compromised the personal information of 58,505 customers...
ALPHV Breaches Australian Law Firm Impacting 65 Government Organizations
In April, a ransomware incident targeted one of Australia's prominent law firms, HWL Ebsworth, causing a ripple effect across the nation's cybersecurity landscape. The breach, which exposed 1.45 gigabytes of the firm's data, was attributed to the Russian-speaking...
Rusty Flag Campaign Targets Azerbaijan with Rust-Based Malware
A series of targeted attacks centered in Azerbaijan has drawn the attention of experts. This campaign exhibits a distinct characteristic: the deployment of malware crafted in the Rust programming language. Referred to as "Operation Rusty Flag" by the cybersecurity...
ShroudedSnooper Targets Middle East Telecoms with HTTPSnoop Backdoor
In the Middle East, telecommunication service providers face a growing cybersecurity threat in the form of a new intrusion set known as ShroudedSnooper. This malicious campaign employs a stealthy backdoor called HTTPSnoop, designed to infiltrate target systems...
Transparent Tribe Spreads CapraRAT Malware Through Fake YouTube Apps
Transparent Tribe is employing a sophisticated tactic involving malicious Android applications designed to mimic the popular platform, YouTube. This strategy aims to disseminate the CapraRAT mobile remote access trojan (RAT), showing the persistent evolution of their...
Juniper Firewall Vulnerability Exposes 12,000 Systems to Remote Code Execution
Approximately 12,000 Juniper firewall devices, accessible on the internet, have been identified as susceptible to a newly disclosed remote code execution vulnerability. The vulnerability, identified as CVE-2023-36845, was brought to light by VulnCheck, a prominent...
Earth Lusca Uses SprySOCKS Linux Backdoor Against Government Entities
The China-linked threat group, Earth Lusca, has come into the cybersecurity spotlight for deploying a novel Linux backdoor named SprySOCKS. Earth Lusca, initially brought to public attention by Trend Micro in January 2022, has consistently posed a formidable threat to...
Sphynx Encryptor Deployed in BlackCat Ransomware Attack on Azure Storage
The BlackCat (ALPHV) ransomware group has exhibited an evolved modus operandi, leveraging stolen Microsoft accounts and a recently discovered encryptor known as Sphynx to target Azure cloud storage. During a comprehensive investigation, cybersecurity experts from...
SMS Phishing Attack Hits Retool, Puts 27 Cloud Clients at Risk
Retool, a software development company, has revealed that 27 of its cloud customers fell victim to a targeted SMS-based social engineering attack. This breach was exacerbated by a Google Account cloud synchronization feature introduced in April 2023, which the company...