15 Cybersecurity Myths and Denials

Cybersecurity Myths

There are many cybersecurity myths, just as in any industry that demands specialized knowledge. People often make reckless statements about viruses, anti-malware programs, and general cybersecurity practices. This leads to unbelievably silly—and potentially costly—situations. Now, we’re here to set the record straight. We’ll show you which beliefs are myths and which have some truth to… Continue reading 15 Cybersecurity Myths and Denials

Malware Protection

Malware Protection functions

Many people remain unaware of the substantial benefits of malware protection. While most have encountered the concept of computer threats, their understanding tends to be imprecise. In the past, the term “virus” frequently surfaced; now, “malware” has become the prevalent, albeit nebulous, term that casts a shadow of uncertainty over online threats. This vagueness partly… Continue reading Malware Protection

Common Types of Cyber Attacks

Cyber attack technologies have grown increasingly sophisticated, targeting any website where vulnerabilities are present. As a frequent internet user entering personal data, it’s crucial to understand the threats these intrusions pose. Personal data is highly valued by cybercriminals who misuse it for their purposes or even sell it on the dark web. Cybercrime operates like… Continue reading Common Types of Cyber Attacks

RegreSSHion OpenSSH Vulnerability Allows for RCE

Researchers has discovered a new “high” severity signal handler race condition vulnerability

A newly discovered vulnerability in OpenSSH nicknamed regreSSHion allows remote attackers to gain root privileges on Linux systems based on glibc library. This flaw enables an unauthenticated attacker to execute arbitrary code on the vulnerable system and obtain root privileges. Considering the wide application of OpenSSH, this flaw can have massive impact, comparable in size… Continue reading RegreSSHion OpenSSH Vulnerability Allows for RCE

Whaling Phishing

Whaling is a phishing that aims high-profile people in different companies and organizations.

Malicious actors know executives and high-level employees, such as public spokespersons, are familiar with common spam tactics. Due to their public profiles, they may have undergone extensive security awareness training, and the security team may have implemented stricter policies and more advanced tools to safeguard them. As a result, attackers targeting these individuals are forced… Continue reading Whaling Phishing

Hello Perv

A new Hello Perv email sextortion scam got its name for the introduction words

“Hello perv” is a name for an email scam that got its name from the eponymous title. It aims at scaring the user and asking them to pay the ransom in cryptocurrency, in an exchange to not publishing explicit contents. These emails are sent in thousands, targeting people all around the world, sometimes even misfiring… Continue reading Hello Perv

New GrimResource Attack Technique Targets MMC, DLL Flaw

Attackers exploit an old vulnerability for a new attack.

A new malicious code execution technique, coined GrimResource, was discovered, targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy malware to endpoints. Attack Technique Exploits Microsoft Management Console Files On June 6, 2024, Elastic reported about discovering a new attack technique that uses Microsoft… Continue reading New GrimResource Attack Technique Targets MMC, DLL Flaw

Binance Smart Contracts Blockchain Abused in Malware Spreading

Hackers found the way to deploy malicious scripts via smart contracts

Cybercriminals appear to exploit Binance smart contracts as intermediary C2, preferring them over more classic hostings for them being impossible to take down. It is currently used to deploy infostealers, but potential application for such malignant purposes allows for working with pretty much any malware. Cybercriminals Use BSCs As C2 Infrastructure A new technique, coined… Continue reading Binance Smart Contracts Blockchain Abused in Malware Spreading

Kaspersky Antivirus Banned By the Biden Administration

U.S. Commerce Department bans marketing and updates for Kaspersky security solutions

On June 20, 2024, the Biden administration implemented a complete ban on sales of Kaspersky software. The company has been amidst data security worries since 2017. Now, after more than seven years of Kaspersky ban in govt organizations, the software is getting banned completely. US Implements Ban on Kaspersky Software On Thursday, June 20, U.S.… Continue reading Kaspersky Antivirus Banned By the Biden Administration

Win.MxResIcn.Heur.Gen

Even renowned antivirus companies may have troubles at times

Antivirus engine of MaxSecure, a well-known cybersecurity vendor, currently shows massive amounts of false positive detection with the name Win.MxResIcn.Heur.Gen. It touches numerous legitimate and safe programs, and is likely an outcome of the issues with the heuristic engine. The developer does not comment on the situation publicly, presumably communicating in support tickets. Win.MxResIcn.Heur.Gen Detection… Continue reading Win.MxResIcn.Heur.Gen