Less than a week after a phishing campaign by UAC-0050 spreading Remcos RAT, the group attempted to launch another offensive operation. In the newly uncovered massive email distribution campaign, UAC-0050 hackers target the Ukrainian and Polish public sectors, leveraging the nefarious Remcos RAT and another malware strain dubbed Meduza Stealer. UAC-0050 Attack Description: Activity Covered […]
The infamous hacking group known as UAC-0006 has been launching offensive operations against Ukraine since 2013 primarily driven by financial gain. CERT-UA researchers recently issued a compiled overview of the groupās adversary activity aimed at raising cybersecurity awareness and minimizing risks. The group is notorious for committing financial theft by leveraging malware like SmokeLoader to […]
Hard on the heels of the phishing attack impersonating the Security Service of Ukraine and using Remcos RAT, the hacking collective identified as UAC-0050 launched another adversary campaign against Ukraine leveraging the phishing attack vector. In these attacks targeting 15,000+ users hackers massively send emails with a subject and attachment lures related to a summons […]
Hot on the heels of the Zimbra zero-day vulnerability, another critical security flaw affecting popular software comes to the scene. The open-source file-sharing software ownCloud has recently disclosed a trio of disturbing security holes in its products. Among them, the max severity vulnerability tracked as CVE-2023-49103 gained the CVSS score of 10 due to the […]
Defenders observe a new phishing attack, in which adversaries weaponize a russian-language Microsoft Word document to distribute malware that can extract sensitive data from targeted Windows instances. Hackers behind this offensive campaign belong to a North Korean group dubbed Konni, which shares similarities with a cyber-espionage cluster tracked as Kimsuky APT. Detect Konni Group Attacks […]
Vulnerabilities affecting popular software products, like Zimbra Collaboration Suite (ZCS), continuously expose organizations in multiple industry vectors, including the public sector, to increasing risks. Defenders exposed a minimum of four offensive operations employing a Zimbra zero-day vulnerability tracked as CVE-2023-37580, specifically designed to extract sensitive data from government entities across multiple countries. Detect CVE-2023-37580 Exploitation […]
CERT-UA researchers have recently published a novel heads-up that covers ongoing phishing attacks against Ukraine involving distribution of Remcos RAT. The group in charge of this offensive campaign, which involves massively distributing spoofing emails with a false sender identity masquerading as the Security Service of Ukraine, is tracked as UAC-0050. UAC-0050 Attack Analysis Covered in […]
This November, a set of new zero-days in the popular software products are emerging in the cyber domain, like CVE-2023-22518 affecting all versions of Confluence Data Center and Server. Shortly after its disclosure, another zero-day flaw in SysAid IT software tracked under CVE-2023-47246 comes to the scene. Microsoft revealed traces of vulnerability exploitation, with the […]
Organizations have to constantly struggle with an avalanche of threats while relying on a straightforward and proactive method to dynamically assess the performance of their security programs. Introducing a threat-informed defense strategy empowers organizations to focus on known threats and dynamically test defenses by equipping teams with better data and insights into their security program […]
The increasing menace posed by nation-state actors continuously increases with new sophisticated attack methods adopted by APT collectives and a massive shift towards stealthiness & operational security. Recently, security researchers revealed a destructive campaign against Israeli organizations launched by an Iran-affiliated hacker group dubbed Agonizing Serpens (aka Agrius, BlackShadow). The main objective of this offensive […]