September 12, 2024 at 02:38PM Adobe’s patch for a remote code execution bug in Acrobat downplays the severity of a vulnerability, failing to mention it is considered a zero-day with a proof-of-concept exploit. Despite a CVSS base score of 7.8, a warning highlights its critical nature. Adobe has confirmed the need for a secondary fix. … Read more
September 11, 2024 at 02:47PM The Meow ransomware group has gained momentum, claiming the second most active gang spot in global ransomware attacks. The group has shifted its focus from encrypting files to selling stolen data, adopting a new tactic in the cybercrime landscape. Meanwhile, RansomHub continues to dominate the rankings with 15 percent of … Read more
July 15, 2024 at 02:32PM The MuddyWatter hacking group has developed a new custom-tailored malware implant called BugSleep. It is distributed through phishing emails disguised as invitations to webinars or online courses. The malware is injected into various apps and is actively being developed, indicating a trial-and-error approach. MuddyWatter has shifted to using BugSleep instead … Read more
July 15, 2024 at 02:24PM The Iranian-backed MuddyWatter hacking group has developed a new custom malware called BugSleep. Analysts at Check Point Research discovered the malware being distributed via well-crafted phishing lures. This new backdoor, actively developed and partially distributed, signals a shift from the group’s previous tactics. MuddyWatter’s cyber-espionage campaigns target various global industries. … Read more
July 10, 2024 at 12:08PM Microsoft fixed a Windows zero-day vulnerability (CVE-2024-38112) used to exploit Internet Explorer and launch malicious scripts. Threat actors distributed Windows Internet Shortcut Files to spoof legitimate-looking files, tricking users into downloading and running HTA files disguised as PDFs. The flaw is fixed in July 2024 Patch Tuesday updates, directing mhtml: … Read more
June 24, 2024 at 02:44PM The ‘Rafel RAT’ malware targets outdated Android devices to conduct ransomware attacks, with over 120 campaigns detected by researchers. It primarily affects devices running Android versions 11 and older, and it can target various brands and models. Threat actors use fake apps to spread Rafel RAT, which can execute commands … Read more
June 22, 2024 at 03:14PM The ‘Ratel RAT’ is an open-source Android malware widely used by cybercriminals to target outdated devices, often using ransomware to demand payment on Telegram. Check Point researchers detected over 120 campaigns using Rafel RAT, with high-profile organizations being targeted, particularly in the United States, China, and Indonesia. It’s crucial to … Read more
June 4, 2024 at 08:09AM Malware creators are increasingly using legitimate packer apps like BoxedApp to evade detection, with a surge in usage over the past year. This has been observed especially in remote access trojans and ransomware. BoxedApp offers features that make it harder for security systems to detect malware, resulting in a high … Read more
March 12, 2024 at 04:11PM Threat actors targeted Ivanti edge devices earlier this year. One-day exploit CVE-2024-21887 in Ivanti Connect Secure and Policy Secure gateways, rated 9.1/10, was quickly capitalized on by “Magnet Goblin.” Known for exploiting one-days in public-facing services, this group deploys malware capable of flying under the radar, emphasizing the need for … Read more