October 8, 2024 at 07:28AM Russian government agencies and industrial entities are under ongoing cyber attacks by a group named Awaken Likho. Kaspersky reports a new campaign using the MeshCentral platform to gain remote system access since June 2024. The attacks primarily target Russian government agencies, contractors, and industrial enterprises, with spear-phishing tactics distributing malicious … Read more
September 6, 2024 at 11:45AM A critical security flaw (CVE-2024-36401, CVSS 9.8) in OSGeo GeoServer GeoTools has been exploited in campaigns distributing cryptocurrency miners, botnet malware, and the SideWalk backdoor. The attacks target IT providers in India, U.S. tech firms, Belgian government entities, and telecom companies in Thailand and Brazil. CISA and Fortinet have detected … Read more
May 16, 2024 at 10:15AM The Kimsuky hacking group is behind a new social engineering attack, using fictitious Facebook accounts to target individuals via Messenger and deliver malware. The campaign impersonates a legitimate individual to trick activists in the North Korean human rights and anti-North Korea sectors. This approach aims to avoid detection and may … Read more
November 25, 2023 at 12:18AM An unnamed government entity in Afghanistan fell victim to a sophisticated cyber attack involving a previously unknown web shell called HrServ. The web shell exhibits advanced features and allows threat actors to control the compromised server and carry out various malicious activities. The attack involves the use of a remote … Read more