TikTok ordered to close Canada offices following “national security review”

The Government of Canada ordered the TikTok Technology Canada Inc. to close its offices in the country following a national security review. This decision was made in accordance with the Investment Canada Act, which allows for the review of foreign Read More …

Hello again, FakeBat: popular loader returns after months-long hiatus

The web browser, and search engines in particular, continue to be a popular entry point to deliver malware to users. While Malwarebytes Labs noted a decrease in loaders distributed via malvertising for the past 3 months, today’s example is a Read More …

QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

In 2021, Kaspersky researchers began to investigate an attack on the telecom industry in South Asia. During the investigation, they discovered QSC: a multi-plugin malware framework that loads and runs plugins (modules) in memory. The framework includes a Loader, a Read More …

Critical CyberPanel Vulnerability (CVE-2024-51378): How to Stay Protected

The SonicWall Capture Labs threat research team became aware of CVE-2024-51378, assessed its impact and developed mitigation measures for the vulnerability. CVE-2024-51378 is a critical vulnerability with a CVSS score of 9.8 in CyberPanel versions 2.3.6 and 2.3.7 that allows Read More …

Cisco Releases Security Advisories for Multiple Products

Cisco has released 15 security advisories addressing multiple vulnerabilities, including one critical and two high severity vulnerabilities affecting various products. The critical vulnerability affects Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point, a software that uses wireless Read More …

Silent Skimmer Gets Loud (Again)

In late May 2024, Unit 42 researchers observed an adversary compromising multiple web servers to gain access to the environment of a multinational organization headquartered in North America. Based on overlaps in adversary infrastructure and tools, as well as tactics, Read More …

Update your Android: Google patches two zero-day vulnerabilities

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then Read More …

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign

Once used exclusively by the cybercriminals behind REVil ransomware and the Gootkit banking trojan, GootLoader and its primary payload have evolved into an initial access as a service platform—with Gootkit providing information stealing capabilities as well as the capability to Read More …

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

In August 2024, Kaspersky team identified a new crimeware bundle, which we named “SteelFox”. Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular software Read More …

Gartner Survey Shows AI Enhanced Malicious Attacks as Top Emerging Risk

Survey of 286 Senior Enterprise Risk Executives Reveals Top Five Emerging Risks in the Third Quarter of 2024 Artificial intelligence (AI)-enhanced malicious attacks are the top emerging risk for enterprises in the third quarter of 2024, according to Gartner, Inc. Read More …