Tag: Threat Hunting Content

CVE-2022-31672 Detection: Pre-Authenticated Remote Code Execution Exploit Using Patched Vulnerabilities in VMware vRealize Operations Management Suite

Security flaws in VMware products that can be leveraged in exploit chain attacks have been in the limelight in the cyber threat arena since May 2022, when CISA issued an alert warning of known remote code execution (RCE) and privilege escalation vulnerabilities. On August 9, 2022, VMware patched another set of vulnerabilities that might be […]

Threat Hunting Maturity Model Explained With Examples

In our series of guides on Threat Hunting Basics, we've already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]

SolidBit Ransomware Detection: Novel Variant Targets Users of Popular Video Games and Social Media Platforms

Ransomware attacks have been a steadily growing trend in the cyber threat arena since 2020, and the trend has continued through 2021-2022. Cybersecurity researchers have recently uncovered a new SolidBit ransomware variant that targets gamers and social media users. The novel malware strain has been spotted in the wild, uploaded to GitHub and […]

Gwisin Detection: Threat Actors Spread Gwisin Ransomware Targeting Korean Companies

Gwisin ransomware targeting Korean companies in multiple industries is currently on the rise in the cyber threat arena. Attributed to Korean-speaking threat actors, Gwisin ransomware is used in targeted attacks against specific organizations rather than random individuals, and it does not perform malicious behavior on its own, which makes its detection harder. The ransomware is […]

CVE-2022-32548 Detection: Critical RCE Vulnerability Affects DrayTek’s Flagship Models

Researchers revealed a critical security hole in 29 models of DrayTek Vigor routers, totaling more than 700,000 devices currently in use. DrayTek Vigor routers gained popularity during the worldwide shift to home offices during the pandemic and are mostly used by employees of small and medium-sized businesses in the UK, Netherlands, Vietnam, Taiwan, and Australia. […]

SmokeLoader Detection: Distributes Amadey Bot Malware via Software Cracks

Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]

LockBit 3.0 Ransomware Attack Detection: Deploy Cobalt Strike Beacons Abusing Microsoft Defender

LockBit threat actors have recently been under the spotlight in the cyber domain. In July 2022, the hacking collective hit the headlines by introducing the first-ever bug bounty program launched by a ransomware gang. In the latest cyber-attacks, the notorious ransomware group applies Living-off-the-Land tools by abusing the legitimate Microsoft Defender's command-line utility to deploy […]

Threat Hunting Techniques, Tactics, and Methodologies: Your Step-by-Step Introduction

We could start this article with a bold statement saying that Threat Hunting is easier than you think, and by reading our blog post, you will instantly become a pro. Unfortunately or luckily, that's not the case. However, we understand that starting out as a Cyber Threat Hunter is tough. That's why we are introducing […]

KNOTWEED Activity Detection: CVE-2022-22047 Vulnerability and Multiple Windows & Adobe Zero-Day Exploitation by the European Private-Sector Offensive Actor (PSOA)

On July 27, 2022, Microsoft cybersecurity researchers published an analysis of the recently revealed malicious activity of the European private-sector offensive actor (PSOA) tracked as KNOTWEED, which leverages a set of Windows and Adobe zero-day exploits, including the newly patched CVE-2022-22047 vulnerability. According to the research, the threat actors launch targeted cyber-attacks against organizations in Europe […]

Spyware Group Candiru: Targets Journalists in the Middle East With DevilsTongue Malware

Spyware dubbed DevilsTongue is causing a fair share of trouble for journalists and free speech advocates in the Middle East, especially those based in Lebanon. Adversaries exploit a Chrome zero-day assigned CVE-2022-2294, which Google patched earlier this month, to achieve shellcode execution, elevate privileges, and gain file-system access on the breached device. Researchers discovered that the […]
