+44 (0)203 88 020 88

Menu

Search

September 2022

The Current and Future Trends in Cyber Crime

The release of the 2022 Falcon OverWatch Threat Hunting Report from CrowdStrike has revealed the recent trends in cyber crime from July 2021 to June 2022. According to the report, the number of cyber crime campaigns has increased by 50% with financial crime accounting for 43% of all attacks.   According to CrowdStrike’s analysis cyber crime […]

The Current and Future Trends in Cyber Crime Read More »

RCE Vulnerability in Password Manager Pro

A Zoho ManageEngine vulnerability has been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) known exploited vulnerabilities catalog last week. This remote code execution (RCE) vulnerability affects Password Manager Pro versions 12100 and below, Access Manager Plus versions 4302 and below, and PAM360 versions 5500 and below. Proof of concept (POC) code for an

RCE Vulnerability in Password Manager Pro Read More »

Erbium Stealer Malware Sold As A Service

A new information stealing malware is being distributed as malware-as-a-service (MaaS) by threat actors under the guise of fake cheats for popular video games. The malware known as Erbium is designed to harvest the credentials from the victims, stealing passwords and other login information for a range of accounts, including cryptocurrency wallets. Threat researchers CYFIRMA

Erbium Stealer Malware Sold As A Service Read More »

Adobe Magento Vulnerability Exploited in Attacks

Adobe Commerce and Magento Open Source have been targeted in a recent wave of attacks that exploit a critical vulnerability. Threat researchers at Sansec released a report this week that details the methodology of this remote access trojan attack. The vulnerability exploited in these attacks, CVE-2022-24086, was found to be actively exploited as early as

Adobe Magento Vulnerability Exploited in Attacks Read More »

Microsoft Teams Reverse Shell Attack Using GIFs

A number of vulnerabilities have been exploited in Microsoft Teams by attackers through the use of GIFs. The attack technique has been named ‘GIFShell’, and allows the attackers to send malicious files, execute commands, and exfiltrate data from their victims. Affected versions of Microsoft Teams include version 1.5.00.11163 and earlier, where the exploited insecure design

Microsoft Teams Reverse Shell Attack Using GIFs Read More »

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks

A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »

Actively Exploited Vulnerabilities in D-Link Devices

Four vulnerabilities in D-Link routers have been added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities Catalog this week. Also included in this week’s catalogue updates were now-patched zero-day vulnerabilities in Google Chrome, and Photo Station QNAP software.    Three of the D-Link vulnerabilities identified as exploited by their addition to this list

Actively Exploited Vulnerabilities in D-Link Devices Read More »

0

No products in the basket.

No products in the basket.