March 5, 2024 at 11:50AM Malicious actors used QEMU as a tunneling tool to establish a network tunnel in a cyberattack on a large company. This unusual case demonstrates the diverse methods attackers use to evade detection. Kaspersky analysts discovered the attack and emphasized the need for multi-level protection, including 24/7 network monitoring, to defend … Read more
November 2, 2023 at 10:50AM An Iranian state-sponsored threat actor called Scarred Manticore has been engaging in sophisticated cyber-espionage activities across the Middle East for over a year. The group, linked with Iran’s Ministry of Intelligence and Security, has targeted various sectors in countries such as Israel, Iraq, Jordan, Kuwait, Oman, Saudi Arabia, and the … Read more
November 1, 2023 at 02:49PM Threat actors are targeting government, technical, and legal organizations globally by exploiting the ‘Citrix Bleed’ vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway appliances. The attacks have been ongoing since August 2023 and involve credential theft and lateral movement. The attacks are difficult to detect due to limited forensic evidence. … Read more