undetected
-
A design flaw in the logging mechanism of Fortinet’s VPN servers has been uncovered, allowing attackers to conduct brute-force attacks without detection.
-
Threat actors are exploiting the various ways that zip files combine multiple archives into one file as an anti-detection tactic in phishing attacks that deliver various Trojan malware strains, including SmokeLoader.
-
Cybercriminals are utilizing a sophisticated evasion strategy called ZIP file concatenation to specifically target Windows users. This method combines several ZIP files into a single archive, making it harder for security software to detect malicious content.
-
A recent report from Cyble Research and Intelligence Labs (CRIL) has unveiled a dangerous new campaign called ErrorFather, which utilizes a previously undetected version of the infamous Cerberus Android Banking Trojan to target Android users. The ErrorFather campaign demonstrates the persistent threat posed by Cerberus, even years after its initial discovery in 2019.
-
Cyble researchers have uncovered a new loader builder and obfuscation tool that has largely gone undetected by security tools.
-
Many of these files accompany deployed applications and contain sensitive information such as credentials or access tokens but should not be readable by external users. Unfortunately, such misconfigurations are common. For example, security researchers recently reported that attackers collected .env files from around 110,000 domains, leading to the exposure of more than 90,000 unique environment…
-
Key Takeaways: Since June 2024, a new Android Spyware campaign has been identified targeting individuals in South Korea, leveraging an Amazon AWS S3 bucket as its Command and Control (C&C) server. The Spyware is capable of exfiltrating sensitive information from an infected device, including SMSs, contact lists, images, and videos. The stolen data, stored openly…
-
More than 65 percent of websites are unprotected against simple bot attacks and 95 percent of advanced bot attacks go undetected on websites.
-
Facepalm: Mandrake is a recurring cyber threat within the Android mobile ecosystem. Researchers discovered Mandrake-infected apps a few years ago, and the malware has now apparently returned with even more sophisticated techniques designed to evade the latest security protections.
-
Hackers often exploit APK packers to hide malicious code within Android applications. This makes detecting and analyzing malware more difficult for security programs.
-
Incident: Year 11 students expelled for hacking schools IT systems for years undetected | PerthNow
·
Australian Education Access Breach, 24 June 2024. Students used the teacher’s details to access their grades and other students’ personal information. Source: 11 students expelled for hacking schools IT systems for years undetected | PerthNow
-
Organizations continue to struggle to detect breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing that their existing security tools were unable to detect breaches when they occur, according to Gigamon.
-
Cybersecurity researchers at Avast have unearthed a new and previously undetected variant of the Diamorphine Linux kernel rootkit, a sophisticated piece of malware known for its ability to conceal files, folders, and processes from both users and security tools. This discovery highlights the ever-evolving nature of cyber threats and the potential for malicious actors to…
-
Chinese actor ‘Unfading Sea Haze’ remained undetected for five years
-
Introduction: APT41, known by numerous aliases such as Amoeba, BARIUM, BRONZE ATLAS, BRONZE EXPORT, Blackfly, Brass Typhoon, Earth Baku, G0044, G0096, Grayfly, HOODOO, LEAD, Red Kelpie, TA415, WICKED PANDA, and WICKED SPIDER, is a Chinese-origin cyber threat group recognized for its extensive cyber espionage and cybercrime campaigns.
-
Key Takeaways: Cyble Research and Intelligence Labs (CRIL) observed an interesting campaign that utilized malicious LNK files, which could potentially be distributed via spam email. The Threat Actor (TA) behind this campaign uses human rights seminar invitations and public advisories as a lure to infect users with a malicious payload. This campaign highlights the…
-
“I want to be able to scan hashes of every file found by my EDR tool so I can quickly understand the threat they pose, and I don’t want to have to leave the EDR UI. Can you guys do that?”