SecureTeam

How EagerBee is Redefining Cyber Espionage in the Middle East

In early January 2025, cybersecurity researchers uncovered a sophisticated cyber espionage campaign targeting Internet Service Providers (ISPs) and government entities in the Middle East. At the centre of this campaign lies an advanced malware framework known as EagerBee, which has been significantly upgraded with new capabilities to facilitate stealthy and persistent access to compromised systems. […]

How EagerBee is Redefining Cyber Espionage in the Middle East Read More »

Strela Stealer Malware – From Invoice Phishing to Thread Hijacking

Articles, Malware, Social Engineering / Ian Reynolds

In recent months, a notable wave of cyber-attacks has swept across Europe, orchestrated by the cybercriminal group known as Hive0145. This group, also referred to by various threat intelligence entities as a highly organised Advanced Persistent Threat (APT), has been delivering a specific strain of malware—Strela Stealer—to infiltrate and compromise systems. Targeting countries primarily including

Strela Stealer Malware – From Invoice Phishing to Thread Hijacking Read More »

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

Malware, News / Ian Reynolds

A newly discovered rootkit known as “Snapekit” has emerged, posing a significant risk to users of Arch Linux systems, particularly those running the 6.10.2-arch1-1 kernel. According to reports from multiple cybersecurity researchers, Snapekit is a highly sophisticated rootkit that exploits 21 system calls, enabling it to operate stealthily while avoiding detection. Its ability to remain

Latest Snapekit Rootkit Poses Threat to Arch Linux Users Read More »

Malware Attacks Target Zyxel End-Of-Life Routers

News, Vulnerabilities / Ian Reynolds

A five-year-old vulnerability is currently being exploited in Zyxel P660HN-T1A routers to introduce a Gafgyt malware variant onto target networks. An outbreak alert has been issued by Fortinet to inform users that this end-of-life router running versions before 7.3.15.0 v001/ 3.40 (ULM.0)b31 is being actively targeted in the wild. Zyxel published a security advisory back

Malware Attacks Target Zyxel End-Of-Life Routers Read More »

Unpatched Redis Servers Targeted by P2P Malware

News, Vulnerabilities / Ian Reynolds

A peer-to-peer (P2P) worm known as P2PInfect has been discovered by security researchers at Unit42 to be actively targeting Windows and Linux based Redis servers. Redis is an open-source database application used in cloud environments. This Rust-based worm targets publicly communicating internet-exposed cloud-based servers by exploiting a flaw that is over a year old. There

Unpatched Redis Servers Targeted by P2P Malware Read More »

OpenSSH Cryptomining Attacks on Linux and IoTs

Information Assurance, News / Ian Reynolds

Internet-facing Linux-based systems and Internet of Things (IoT) devices are being targeted in a recent attack that uses a patched version of OpenSSH to take over the devices and install cryptomining malware. Cryptomining involves the solving of complex mathematical problems to verify the payments carried out in cryptocurrency transactions, and creating new cryptocurrency tokens

OpenSSH Cryptomining Attacks on Linux and IoTs Read More »

New Botnet Campaign uses Critical Ruckus Flaw

Articles, Information Assurance / Ian Reynolds

Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This botnet is known as AndoryuBot due to the filename ‘Andoryu’ being used for the malware installed in this attack. It was first seen in attacks

New Botnet Campaign uses Critical Ruckus Flaw Read More »

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

Articles, Information Assurance / Ian Reynolds

EvilExtractor is an info stealer malware tool designed for data theft attacks on Windows operating systems. Researchers at Fortinet’s threat research group FortiGuard Labs have published an analysis of this tool detailing the attack method for this malware, and its impact on its victims. The research concluded that although there are no specific industries targeted

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer Read More »

NCSC Warn of Jaguar Tooth Malware on Cisco Routers

News, Vulnerabilities / Ian Reynolds

Unpatched Cisco IOS routers are being targeted by Russian state-backed threat actor APT28 to deploy ‘Jaguar Tooth’ malware by exploiting a vulnerability from 2017. The National Cyber Security Centre (NCSC) have published a malware analysis report investigating this non-persistent malware recently seen to be infecting Cisco IOS routers using firmware C5350-IS-M version 12.3(6). A joint

NCSC Warn of Jaguar Tooth Malware on Cisco Routers Read More »

Fake ChatGPT Installs Windows and Android Malware

News / Ian Reynolds

Threat actors are using the name and image associated with ChatGPT to distribute malware through phishing sites, social media pages, and malicious Android applications. ChatGPT is a well-known AI chatbot run by OpenAI and has reported more than 100 million users in January 2023, only 3 months after its initial launch. The high volume of

Fake ChatGPT Installs Windows and Android Malware Read More »

malware

How EagerBee is Redefining Cyber Espionage in the Middle East

Latest Snapekit Rootkit Poses Threat to Arch Linux Users

Malware Attacks Target Zyxel End-Of-Life Routers

Unpatched Redis Servers Targeted by P2P Malware

OpenSSH Cryptomining Attacks on Linux and IoTs

New Botnet Campaign uses Critical Ruckus Flaw

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

NCSC Warn of Jaguar Tooth Malware on Cisco Routers

Fake ChatGPT Installs Windows and Android Malware

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch