Tag: Cybersecurity

Infostealers: How to Detect, Remove and Prevent them?

Infostealer pose danger to your data and identity. But how to detect and stop them?

The flow of information is crucial in today’s world, but it’s also precious to cybercriminals. They target personal data stored on your device through infostealer malware, putting your information at risk. Experts have marked a significant rise in the spread of information-stealing malware, also known as infostealers or stealers. In Q1 2023, the number of… Continue reading Infostealers: How to Detect, Remove and Prevent them?

FraudGPT Offers Phishing Email Generation to Cybercriminals

FraudGPT offers cybercriminals more effective methods for launching phishing attacks

It’s not just IT companies racing to develop AI-powered chatbots. Cybercriminals have also joined the fray. Recent reports indicate that a developer has built a dangerous AI chatbot called “FraudGPT” that enables users to engage in malicious activities. Earlier this month, security experts uncovered a hacker working on WormGPT. Also, the chatbot enables users to… Continue reading FraudGPT Offers Phishing Email Generation to Cybercriminals

Information Security Threats in Social Media

Social media compromises information security, but most people ignore it for some reason

Social media has become an important aspect of our everyday lives in this age of technology and information. Despite its numerous advantages, social media has raised concerns about protecting personal privacy. In particular, social networks pose a significant danger to information security – and it is mostly unspoken. But is this threat real? And how… Continue reading Information Security Threats in Social Media

Ivanti 0-day exploited to target Norwegian government

The actively exploited zero-day vulnerability impacted Ivanti ‘s mobile device management software EPMM.

Software development company Ivanti (formerly MobileIron Core) has patched a zero-day vulnerability that allowed authentication bypass. This vulnerability had a maximum CVSS level and was actively exploited to gain unauthorized access. What is Ivanti Company? Ivanti is an IT software company headquartered in Utah, United States. It produces a variety of IT management and security… Continue reading Ivanti 0-day exploited to target Norwegian government

Gozi and IcedID Trojans Spread via Malvertising

Malvertising sing paid ads to spread Gozi and IcedID

Malvertising on Google Search is an unpleasant occurrence where malicious ads appear in search engine results. These ads are meant to help users find relevant information. But unfortunately, some cybercriminals use paid advertisements to entice users to visit harmful websites and deceive them into downloading malicious software. How does malvertising work? Malvertising is an attack… Continue reading Gozi and IcedID Trojans Spread via Malvertising

Trojanized TeamViewer Installer Spreads njRAT

Hackers exploit third-party software sources to distribure a dangerous remote-access trojan

Threat actors reportedly started using fake TeamViewer to distribute malware. Their particular favourite for the final payload is the infamous njRAT trojan – an old-timer of the scene. Through the tricky spreading scheme, hackers run a multi-stage attack. njRAT Hides in Trojanized TeamViewer App For some reason, people show high levels of trust towards downloading… Continue reading Trojanized TeamViewer Installer Spreads njRAT

US Military Emails Leaked Massively Due to the Typo

Millions of US military emails, some with confidential information, were sent to wrong addresses

Email letters sent to the US military addresses ended up on similarly-named Mali emails because of the domain name typo. All this started as a mistake, but may transform into a typosquatting attempt for government-grade spying. Typos In Email Addresses Cause US Military Info Leak Well, the fact is here – the US military has… Continue reading US Military Emails Leaked Massively Due to the Typo

Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

Vulnerability in nOAuth Azure Active Directory that allows adversaries to use the "Log In with Microsoft" feature.

In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers… Continue reading Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

American Airlines Hacked by Cl0P Gang, MOVEit Involved

Cl0p extortion gang got another large company as a victim

American Airlines, the major airline company in the US, appears to be yet another victim of MOVEit vulnerability. Specifically, Cl0p ransomware gang hackers claim the successful attack upon the co. The post on their Darknet leak site does not disclose much, but the company is most likely already in the negotiations with hackers. What is… Continue reading American Airlines Hacked by Cl0P Gang, MOVEit Involved

What is Cyber Risk Exposure and How Can You Manage It?

As companies are increasingly more connected to the Internet and each other than ever before, the inherent vulnerabilities and cyber risks have also increased.

Modern businesses face cybersecurity threats daily. While most are effectively neutralized, a successful attack can lead to unpleasant consequences. Therefore, it is crucial for organizations to clearly understand their vulnerability to cyber risks and how they can accurately assess this risk. This article will explore the quantitative assessment of cyber threats, their benefits, and how… Continue reading What is Cyber Risk Exposure and How Can You Manage It?