Blog

Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,Read more

Microsoft have warned customers of a form of attack capable of targeting unpatched Microsoft Exchange servers. The attacks taking place in the first 5 months of this year saw threat actors using Internet Information Services (IIS) extension modules to: access their victim’s email mailboxes, execute commands remotely, harvest credentials from within the system memory, stealRead more

An information stealing malware has had its source code released by the developer on a popular hacking forum. Cyber criminals have had free access to this malware since the start of this month, and it has already been updated three times by the developer to add new capabilities and streamline the attack.   Cyble Research LabsRead more

A new, previously undetected, Linux malware known as ‘Lightning Framework’ can be used as a backdoor to install rootkits in infected devices via Secure Shell (SSH). A report released by Intezer this week calls this malware “Swiss Army Knife-like” due to its wide range of capabilities, and ability to use techniques to avoid detection andRead more

The Microsoft 365 Defender Research Team have released a security warning to macOS users about a vulnerability they have discovered in Apple’s App Sandbox. The vulnerability tracked as CVE-2022-26706 was first uncovered in October 2021, however a new Proof of Concept (PoC) has been released by Microsoft in two formats, one of which is describeRead more

A large-scale phishing attack campaign has emerged using adversary-in-the-middle (AiTM) to steal credentials and circumvent multi-factor authentication (MFA) needs. Microsoft have released a security blog post regarding the use of these phishing attacks and the impersonation of Microsoft Azure Active Directory (Azure AD) login pages. This campaign has reportedly targeted over 10,000 organisations in theRead more

An actively exploited Windows Client Server Runtime Subsystem (CSRSS) vulnerability was one of 84 patched in this week’s Microsoft patch Tuesday. First discovered by the Microsoft Threat intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC), CVE-2022-22047 is tracked as a ‘High’ severity vulnerability, with a CVSS rating of 7.8/10. It affects devices running WindowsRead more

Microsoft is undoing a decision it made earlier this year to disable macros by default in Microsoft Office applications. In February an update was announced that Microsoft was introducing a new way in which VBA macros would be handled. This change is now being rolled back by Microsoft until further notice. This affects the MicrosoftRead more

Google released updates this week for Android and desktop Chrome browser users. These updates address high criticality zero-day vulnerabilities including one which has been actively exploited. This is the fourth Chrome update so far this year to patch zero-day vulnerabilities, with previous key updates being released in February, March, and April. Users should make sureRead more

Toll fraud malware is similar to billing fraud; it triggers the subscription of users to premium services without their knowledge or consent. Microsoft have called toll fraud “one of the most prevalent types of Android malware”, emphasising why it is important to keep informed about this actively evolving threat. Users of Android 9.0 or lowerRead more