Russian GRU Global Brute Force Attacks
  • Alert & Advisory
  • July 2, 2021

The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, is reported to be conducting a global, anonymized brute force campaign to compromise enterprise and cloud environments. The campaign has been found to target government and foreign organizations, using brute force access to penetrate government and private sector victim networks.

Microsoft Edge Browser Vulnerabilities
  • Alert & Advisory
  • July 1, 2021

A Microsoft Edge vulnerability that could allow hackers to steal secrets from any website was discovered, prompting Microsoft to release updates for the Edge browser, including a fix. This bypass vulnerability could allow a remote attacker to circumvent implemented security restrictions and inject and execute arbitrary code on any website just by sending a message.

Apple Zero-Day Vulnerabilities
  • Alert & Advisory
  • May 18, 2021

Apple has reported a zero-day vulnerability affecting its iOS, macOS and watchOS operating systems that is being exploited in the wild by attackers using crafted malicious web content, which may lead to remote code execution. Apple has therefore released security patches for the zero-day bugs under active attack.

Best Practices for Preventing Business Disruption from Ransomware Attacks
  • Alert & Advisory
  • May 15, 2021

Malicious cyber actors have consistently deployed ransomware against government and private companies, most recently in the attacks by the DarkSide ransomware group on the US pipeline company's information technology (IT) network and on the Japanese conglomerate Toshiba's unit. Critical information asset owners and operators in Nigeria are therefore advised to adopt a heightened state of awareness and implement the recommendations listed in the Mitigations section of this Advisory, including implementing robust network segmentation between IT (Information Technology) and OT (Operational Technology) networks; regularly testing manual controls; and ensuring that backups are implemented, regularly tested, and isolated from network connections. These mitigations will help CI owners and operators improve their entity's functional resilience by reducing their vulnerability to ransomware and the risk of severe business degradation if impacted by ransomware.

Cybercriminals Using Telegram Messaging Service to Distribute ToxicEye Malware
  • Alert & Advisory
  • April 28, 2021

Researchers discovered that the Telegram instant messaging service is being used by malicious actors to manage a remote access trojan (RAT) called ToxicEye. These cyber criminals are increasingly abusing Telegram as a "command-and-control" system to distribute malware into organizations, which could then be used to capture sensitive information from targeted systems. More than 130 attacks involving the ToxicEye RAT have been discovered recently, and the researchers warn that even when Telegram is not installed or being used, the system allows hackers to send malicious commands and operations remotely via the instant messaging app.
