Ransomware Attack Warning
  • Alert & Advisory
  • January 12, 2022

Security experts have uncovered a new year scheme employed by a cybercrime group to deliver ransomware to targeted organizations. The group has been mailing out USB thumb drives to many organizations in the hope that recipients will plug them into their PCs and install ransomware on their networks. While businesses are being targeted, criminals could soon begin sending infected USB drives to individuals.

Apache Log4j Remote Code Execution Vulnerability.
  • Alert & Advisory
  • December 20, 2021

On December 9, 2021, a vulnerability was reported that could allow a system running Apache Log4j 2 version 2.15 or below to be compromised and allow an attacker to execute arbitrary code. The Apache Log4j 2 utility is a widely deployed Java-based logging utility used for logging requests. Open-source reporting indicates that active scanning and exploitation of this vulnerability have been observed.

New Windows Installer Zero-Day Vulnerability
  • Alert & Advisory
  • November 25, 2021

A security researcher discovered and reported a privilege escalation vulnerability in the Windows Installer software component, which Microsoft later fixed. A newly discovered zero-day variant not only bypasses Microsoft's previous fix but also allows local privilege escalation. As a result, attackers are actively attempting to exploit the newly disclosed variant in order to potentially execute arbitrary code on fully patched systems.

Rootkits Malware Attacks
  • Alert & Advisory
  • November 22, 2021

Rootkits are one of the most damaging types of malware. They are very difficult to detect and remove, and they give threat actors almost complete access to the target computer. A hacker who installs a rootkit on a computer can access and steal data, delete or corrupt files, spy on all system activities, modify programs, etc. Since rootkits remain constantly hidden and avoid detection, most commercially available anti-virus software is ineffective against them.

Iranian Hacking Group Targets Telcos, ISPs and Ministry of Foreign Affairs (MFA) with Upgraded Malware
  • Alert & Advisory
  • November 12, 2021

An Iranian threat group known as Lyceum (aka Hexane, Siamesekitten, or Spirlin) has been reported to be targeting telecoms, ISPs and a Ministry of Foreign Affairs (MFA) in Africa in recent politically motivated attacks with an active focus on cyberespionage. This group is known to be focused on infiltrating the networks of telecoms companies and internet service providers (ISPs). Between July and October, Lyceum was spotted in attacks against ISPs and telecoms organizations across Israel, Morocco, Tunisia, and Saudi Arabia. The advanced persistent threat (APT) group has been linked to campaigns striking Middle Eastern oil and gas companies in the past and now appears to have expanded its focus to include the technology sector. In addition, the APT is responsible for a campaign against an unnamed African ministry of foreign affairs.
