SecureTeam

Actively Exploited Vulnerabilities in D-Link Devices

Four vulnerabilities in D-Link routers have been added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities Catalog this week. Also included in this week’s catalogue updates were now-patched zero-day vulnerabilities in Google Chrome, and Photo Station QNAP software. Three of the D-Link vulnerabilities identified as exploited by their addition to this list […]

Actively Exploited Vulnerabilities in D-Link Devices Read More »

NOBELIUM’s Backdoor Malware: MagicWeb

Articles, Information Assurance / Ian Reynolds

Microsoft’s Threat Intelligence Center (MSTIC) have recently discovered a new malware capability that NOBELIUM are using called MagicWeb. Highly active threat actor NOBELIUM are known for targeting organisations across Europe, Central Asia, and the USA. First detected in 2020, they use unique malware that is usually tailored to their current target. The MagicWeb malware is

NOBELIUM’s Backdoor Malware: MagicWeb Read More »

What is Zeppelin Ransomware?

Articles, Information Assurance / Ian Reynolds

Ransomware is the biggest cyber threat for UK organisations according to the National Cyber Security Centre (NCSC), with the number of different types of ransomware doubling this year already, from 5,400 in late 2021, to 10,666 after just six months of 2022. A report by Fortinet suggests this rise could be due to the development

What is Zeppelin Ransomware? Read More »

LinkedIn the Top Phishing Brand in Q2 2022

Articles, Social Engineering / Ian Reynolds

Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,

LinkedIn the Top Phishing Brand in Q2 2022 Read More »

Source Code for Stealer Malware Released Online

News, Vulnerabilities / Ian Reynolds

An information stealing malware has had its source code released by the developer on a popular hacking forum. Cyber criminals have had free access to this malware since the start of this month, and it has already been updated three times by the developer to add new capabilities and streamline the attack. Cyble Research Labs

Source Code for Stealer Malware Released Online Read More »

New Backdoor Linux Malware ‘Lightning Framework’

News, Vulnerabilities / Ian Reynolds

A new, previously undetected, Linux malware known as ‘Lightning Framework’ can be used as a backdoor to install rootkits in infected devices via Secure Shell (SSH). A report released by Intezer this week calls this malware “Swiss Army Knife-like” due to its wide range of capabilities, and ability to use techniques to avoid detection and

New Backdoor Linux Malware ‘Lightning Framework’ Read More »

Microsoft Issue Warning Over Android Toll Fraud

News, Vulnerabilities / Ian Reynolds

Toll fraud malware is similar to billing fraud; it triggers the subscription of users to premium services without their knowledge or consent. Microsoft have called toll fraud “one of the most prevalent types of Android malware”, emphasising why it is important to keep informed about this actively evolving threat. Users of Android 9.0 or lower

Microsoft Issue Warning Over Android Toll Fraud Read More »

ZuoRAT Malware Targets Home-Office Routers

News, Vulnerabilities / Ian Reynolds

A multistage remote access trojan (RAT), known as ZuoRAT, has been specifically developed to attack small office/home office (SOHO) routers. These devices have been more frequently used for work since the increase in home-working in 2020 due to the Covid-19 global pandemic. It is suspected that this attack has been going undetected for the past

ZuoRAT Malware Targets Home-Office Routers Read More »

Log4Shell (still) actively exploited on VMware Systems

Articles, Information Assurance / Ian Reynolds

The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) released a joint security advisory last week to warn of the active exploitation of CVE-2021-44228. This vulnerability is commonly known as Log4j, or Log4Shell because it gives attackers a shell that allows them to remotely access internet facing Log4j devices.

Log4Shell (still) actively exploited on VMware Systems Read More »

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat

Articles, Information Assurance, Social Engineering / Ian Reynolds

First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities. BRATA stands for “Brazilian

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »

malware

Actively Exploited Vulnerabilities in D-Link Devices

NOBELIUM’s Backdoor Malware: MagicWeb

What is Zeppelin Ransomware?

Source Code for Stealer Malware Released Online

New Backdoor Linux Malware ‘Lightning Framework’

Microsoft Issue Warning Over Android Toll Fraud

ZuoRAT Malware Targets Home-Office Routers

Log4Shell (still) actively exploited on VMware Systems

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch