GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks https://firewall.firm.in/wp-content/uploads/2024/10/phishing.png A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories ...

How Hybrid Password Attacks Work and How to Defend Against Them https://firewall.firm.in/wp-content/uploads/2024/10/password.png Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks — ...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance https://firewall.firm.in/wp-content/uploads/2024/10/big-ip.png Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module ...

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution https://firewall.firm.in/wp-content/uploads/2024/10/gitlab.png Oct 11, 2024Ravie LakshmananDevOps / Vulnerability GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. Tracked as CVE-2024-9164, the vulnerability carries a ...

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation https://firewall.firm.in/wp-content/uploads/2024/10/ai-content.png Oct 10, 2024Ravie LakshmananCybercrime / Disinformation OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, ...

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms https://firewall.firm.in/wp-content/uploads/2024/10/shopping.png Oct 10, 2024Ravie LakshmananCybercrime / Malware Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. “At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all ...

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware https://firewall.firm.in/wp-content/uploads/2024/10/attack.png Oct 09, 2024Ravie LakshmananPhishing Attack / Malware Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a ...

Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale https://firewall.firm.in/wp-content/uploads/2024/10/online-scam.png Oct 09, 2024Ravie LakshmananCybercrime / Threat Detection Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create ...

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries https://firewall.firm.in/wp-content/uploads/2024/10/hackers.png Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities could allow an attacker to crash an industrial device or in ...

Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools https://firewall.firm.in/wp-content/uploads/2024/10/russia.png Oct 08, 2024Ravie LakshmananCyber Threat / APT Attack Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. “The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain ...