+44 (0)203 88 020 88

Menu

Search

Articles

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks

A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data […]

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »

NOBELIUM’s Backdoor Malware: MagicWeb

Microsoft’s Threat Intelligence Center (MSTIC) have recently discovered a new malware capability that NOBELIUM are using called MagicWeb. Highly active threat actor NOBELIUM are known for targeting organisations across Europe, Central Asia, and the USA. First detected in 2020, they use unique malware that is usually tailored to their current target. The MagicWeb malware is

NOBELIUM’s Backdoor Malware: MagicWeb Read More »

Phishing Attacks That Can Bypass MFA

A large-scale phishing attack campaign has emerged using adversary-in-the-middle (AiTM) to steal credentials and circumvent multi-factor authentication (MFA) needs. Microsoft have released a security blog post regarding the use of these phishing attacks and the impersonation of Microsoft Azure Active Directory (Azure AD) login pages. This campaign has reportedly targeted over 10,000 organisations in the

Phishing Attacks That Can Bypass MFA Read More »

Log4Shell (still) actively exploited on VMware Systems

The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) released a joint security advisory last week to warn of the active exploitation of CVE-2021-44228. This vulnerability is commonly known as Log4j, or Log4Shell because it gives attackers a shell that allows them to remotely access internet facing Log4j devices. 

Log4Shell (still) actively exploited on VMware Systems Read More »

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat

First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities.  BRATA stands for “Brazilian

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far

Last week saw the addition of 39 known exploited cybersecurity vulnerabilities to the CISA catalogue, bringing the total added in June so far to 40. The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the US government, released an alert on Wednesday, to make people aware of the threats posed by these vulnerabilities, which

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far Read More »

10 Common Security Weaknesses and How To Defend Against Them

The mistakes we make and how to fix them – a new report co-authored by the NCSC reveals the 10 most common security weaknesses exploited by hackers. A joint security alert from the National Cyber Security Centre UK (NCSC-UK) was released earlier this month, co-authored by cybersecurity bodies from the USA, Canada, New Zealand, and

10 Common Security Weaknesses and How To Defend Against Them Read More »

0

No products in the basket.

No products in the basket.