Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools

October 8, 2024 at 07:28AM Russian government agencies and industrial entities are under ongoing cyber attacks by a group named Awaken Likho. Kaspersky reports a new campaign using the MeshCentral platform to gain remote system access since June 2024. The attacks primarily target Russian government agencies, contractors, and industrial enterprises, with spear-phishing tactics distributing malicious … Read more

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

September 6, 2024 at 11:45AM A critical security flaw (CVE-2024-36401, CVSS 9.8) in OSGeo GeoServer GeoTools has been exploited in campaigns distributing cryptocurrency miners, botnet malware, and the SideWalk backdoor. The attacks target IT providers in India, U.S. tech firms, Belgian government entities, and telecom companies in Thailand and Brazil. CISA and Fortinet have detected … Read more

North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

May 16, 2024 at 10:15AM The Kimsuky hacking group is behind a new social engineering attack, using fictitious Facebook accounts to target individuals via Messenger and deliver malware. The campaign impersonates a legitimate individual to trick activists in the North Korean human rights and anti-North Korea sectors. This approach aims to avoid detection and may … Read more

New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

November 25, 2023 at 12:18AM An unnamed government entity in Afghanistan fell victim to a sophisticated cyber attack involving a previously unknown web shell called HrServ. The web shell exhibits advanced features and allows threat actors to control the compromised server and carry out various malicious activities. The attack involves the use of a remote … Read more