
Tax Season Scams in 2024: What Should You Expect

Tax Season Scams On The Rise, Beware!

Tax season has already begun, and so have tax season scams. The IRS annually lists its top tax scams to…

Docker API Vulnerability Exploited in Cryptojacking Campaign

A new campaign named “Commando Cat” uses a Docker API vulnerability. It uses Docker to gain initial access to a…

Hewlett Packard Enterprise Hacked, Darknet Forum Sales Data

On February 1, 2024, a post selling Hewlett Packard Enterprise data appeared on a Darknet hacker forum. Threat actor known…

Mastodon Vulnerability Allows for Account Takeover

Cybersecurity experts have discovered that the decentralized social network Mastodon contains a critical vulnerability. Also,…

Mispadu Banking Trojan Exploits SmartScreen Flaw

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the…

Remcos RAT Uses Webhards to Target Korean Users

Remcos RAT Targets South Korean Users Through Webhards

The infamous Remcos RAT has reportedly started targeting South Korean users through files shared on the Webhards platform. By baiting users with cracked software and adult content, hackers manage to install…

GitLab Zeroclick Account Hijack Vulnerability Uncovered

GitLab Zero-Click Account Hijack Vulnerability Revealed

On January 11, 2024, GitLab released an update with an official warning about the fix for a critical security vulnerability. The vulnerability allows the user to send the account password reset form…

Hackers Exploit Windows SmartScreen Vulnerability to Spread Phemedrone Stealer

Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

The malicious campaign exploits the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen to spread Phemedrone Stealer. It utilizes intricate evasion techniques to bypass traditional security measures and target sensitive user…

Critical Cisco Unity Connection Vulnerability Allows for Root Access

Cisco Unity Connection Vulnerability Enables Root Access

Cisco has recently addressed a significant security vulnerability in its Unity Connection software, identified as CVE-2024-20272. This flaw poses a critical risk as it allows unauthenticated attackers to gain root…

Ivanti Connect Secure Zero-Day Exploited

Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild

Ivanti issued an alert about its Connect Secure VPN appliances. Advanced threat actors are exploiting two zero-day vulnerabilities in cyberattacks, possibly including state-sponsored groups. That is yet another vulnerability in…

Water Curupira hackers are actively distributing PikaBot malware

Water Curupira Hackers Spread PikaBot in Email Spam

The notorious group known as Water Curupira has unleashed a new wave of threats through its sophisticated malware, PikaBot. This menacing campaign, primarily spread through email spam, highlights an alarming escalation…

NoaBot Botnet Involved in Crypto Mining

NoaBot Botnet: The Latest Mirai Offspring

A new botnet called NoaBot emerged in early 2023. It reportedly targets SSH servers for cryptocurrency mining using the Mirai platform. On top of Mirai’s functionality, it brings several…

PUABundler:Win32/CandyOpen Malware Removal Guide

PUABundler:Win32/CandyOpen Analysis & Removal Guide

PUABundler:Win32/CandyOpen is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, the detection name refers to OpenCandy adware, that…

Critical Auth Bypass Vulnerability in Apache OFBiz: CVE-2023-51467

Apache OFBiz Vulnerability Exposes Millions of Systems

The cyber world has been rattled by the recent discovery of a critical zero-day vulnerability in Apache OFBiz, known as CVE-2023-51467. Researchers at SonicWall unveiled this flaw, which poses a…

YouTube Videos Promoting Malware

YouTube Videos Promote Software Cracks With Lumma Stealer

Researchers have discovered a cybersecurity threat that targets users through YouTube videos. These videos offer pirated software but are being used to distribute malware, specifically Lumma stealer. YouTube Videos Promoting…

Adobe ColdFusion Vulnerabilities Exploited in the Wild

Two Adobe ColdFusion Vulnerabilities Exploited in The Wild

Two vulnerabilities in Adobe ColdFusion are being exploited in real-world attacks, the Cybersecurity & Infrastructure Security Agency (CISA) warns. Both issues are related to the possibility of arbitrary code execution, caused…

Tortilla Ransomware Free Decryptor Available

Tortilla (Babuk) Ransomware Decryptor Available

On January 9, 2024, Avast and Cisco Talos announced the release of a free decryptor for one of the Babuk ransomware variants – Tortilla. Analysts assure that all the victims…