A peek into APT36’s updated arsenal

In July 2023, Zscaler ThreatLabz discovered new malicious activity perpetuated by the Pakistan-based advanced persistent threat group (APT36). APT36 is a sophisticated cyber threat group with a history of conducting targeted espionage operations in South Asia. Zscaler ThreatLabz observed APT36 Read More …

Redfly: Espionage Actors Continue to Target Critical Infrastructure

Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Read More …

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats, techniques, Read More …

Unusually low 5 critical vulnerabilities included in Microsoft September Patch Tuesday, along with two zero-days

Microsoft disclosed 65 vulnerabilities across its suite of products and software Tuesday, only five of which are considered critical, which is very low compared to Microsoft’s usual security updates. However, there are two issues disclosed and patched this month that Read More …

MGM Resorts Slot machines go down in cyber-attack on firm

Customers have reported problems with slot machines and online room booking systems following a cyber-attack on casino and hotel giant MGM Resorts. Certain systems were shut down due to a “cyber-security issue”, the firm said. But it added that its Read More …

OriginBotnet Spreads via Malicious Word Document

In August, FortiGuard Labs obtained a Word document containing a malicious URL designed to entice victims to download a malware loader. This loader employs a binary padding evasion strategy that adds null bytes to increase the file’s size to 400 Read More …

Deleting Your Way Into SYSTEM: Why Arbitrary File Deletion Vulnerabilities Matter

Windows arbitrary file deletion vulnerabilities should no longer be considered mere annoyances or tools for Denial-of-Service (DoS) attacks. Over the past couple of years, these vulnerabilities have matured into potent threats capable of unearthing a portal to full system compromise. Read More …

Analyzing Cuba ransomware

The group’s offensives first got on Kaspersky researchers radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. Read More …