Tag: Sigma

CVE-2025-21298 Detection: Critical Zero-Click OLE Vulnerability in Microsoft Outlook Results in Remote Code Execution 

Hard on the heels of the disclosure of a denial-of-service (DoS) vulnerability in Windows LDAP, known as CVE-2024-49113 aka LDAPNightmare, another highly critical vulnerability affecting Microsoft products comes to the scene. The recently patched Microsoft Outlook vulnerability tracked as CVE-2025-21298 poses significant email security risks by allowing attackers to perform RCE on Windows devices through […]

Hackers Exploit AnyDesk Impersonating CERT-UA to Launch Cyber-Attacks 

Adversaries frequently leverage legitimate tools in their malicious campaigns. The popular AnyDesk remote utility has also been largely exploited by hackers for offensive purposes. Cyber defenders have unveiled the recent misuse of AnyDesk software to connect to targeted computers, masquerading the malicious efforts as CERT-UA activity. Detect Cyber-Attacks Exploiting AnyDesk Based on CERT-UA Research Adversaries […]

CVE-2024-49113 Detection: Windows LDAP Denial-of-Service Vulnerability aka LDAPNightmare Exploited via a Publicly Available PoC

Hot on the heels of the release of the first PoC exploit for a critical RCE vulnerability in the Windows LDAP, known as CVE-2024-49112, another vulnerability in the same software protocol in Windows environments is causing a stir. A discovery of CVE-2024-49113, a new denial-of-service (DoS) vulnerability, also known as LDAPNightmare, is hitting the headlines […]

Detect Banshee Stealer: Stealthy Apple macOS Malware Evades Detection Using XProtect Encryption

New year, new menaces for cyber defenders. Cybersecurity researchers have uncovered a novel variant of the notorious Banshee Stealer, which is increasingly targeting Apple users worldwide. This stealthy infostealer malware employs advanced evasion techniques, successfully slipping past detection by leveraging string encryption from Apple’s XProtect antivirus engine. Going exclusively after macOS users, Banshee is capable […]

NonEuclid RAT Detection: Malware Enables Adversaries to Gain Unauthorized Remote Access and Control Over a Targeted System

The modern-day cyber threat landscape is marked by the rise in malware variants that give attackers the green light to gain complete remote control over targeted systems, such as a nefarious Remcos RAT spread via a phishing attack vector. At the turn of January 2025, defenders unveiled an emerging stealthy malware dubbed NonEuclid RAT, which […]

CVE-2024-49112 Detection: Zero-Click PoC Exploit for a Critical LDAP RCE Vulnerability Can Crush Unpatched Windows Servers

In 2024, vulnerability exploitation accounted for 14% of breach entry points, marking a nearly threefold increase from the previous year—a trend that could persist into 2025. At the turn of January 2025, defenders released the first PoC exploit that can crash unpatched Windows Servers by leveraging a critical RCE vulnerability in the Windows Lightweight Directory […]

Strela Stealer Attack Detection: New Malware Variant Now Targets Ukraine Alongside Spain, Italy, and Germany

Security experts have uncovered a novel Strela Stealer campaign, which leverages a new iteration of email credential-stealing malware. In this campaign, the updated malware version is enriched with enhanced functionality and is now capable of gathering system configuration data via the “system info” utility. Moreover, Strela Stealer expanded its targets beyond Spain, Italy, and Germany […]

UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the “Army+” Application

Hard on the heels of the cyber-espionage campaign by UAC-0099 via the phishing attack vector, another hacking collective has evolved in the cyber threat arena to target Ukrainian organizations. CERT-UA notifies defenders about the discovery of fake websites that mimic the official page of the “Army+” application and are hosted using the Cloudflare Workers service. […]

DarkGate Malware Attack Detection: Voice Phishing via Microsoft Teams Leads to Malware Distribution

Researchers have uncovered a new malicious campaign using voice phishing (vishing) to spread the DarkGate malware. In this attack, adversaries posed as a known client on a Microsoft Teams call, tricking the victims into downloading AnyDesk for remote access and then deploying malware. Detect DarkGate Malware Attacks In the early summer of 2024, the […]

UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware

The UAC-0099 hacking collective, which has been launching targeted cyber-espionage attacks against Ukraine since the second half of 2022, resurfaces in the cyber threat arena. The CERT-UA team has observed a spike in the group’s malicious activity throughout November-December 2024 against Ukrainian government entities using the phishing attack vector and spreading LONEPAGE malware. Detect UAC-0099 […]
