Unmasking the Cyber Threat Landscape — SIM-Swapping Attack

Unmasking the Cyber Threat Landscape — SIM-Swapping Attack

In November 2022, the world witnessed a significant data breach. A gang adept in SIM-swapping attacks targeted the cryptocurrency exchange, FTX, draining over $400 million from its coffers. While three Americans were implicated and charged for this cybercrime, the dark web whispers of the involvement of organized Russian cybercriminal networks laundering the stolen wealth. The […]

Attackers Access Source Code and Internal Docs – Understanding Cloudflare’s Breach

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs

In the ever-evolving landscape of cybersecurity, the Thanksgiving 2023 security incident involving Cloudflare has been a stark reminder of the sophistication and persistence of nation-state actors. It was a wake-up call to organizations worldwide on the necessity of robust identity and access management (IAM) systems to safeguard their digital assets. In this comprehensive analysis, we […]

Confluence RCE Exploit Campaign – CVE-2023-22527

Confluence RCE Exploit Campaign - CVE-2023-22527

Collaboration applications have become deeply ingrained in modern work culture, providing efficient means for teams to share information and work together. However, as with any technology, these tools also introduce potential security risks that can be exploited by malicious actors. Recently, a severe vulnerability nicknamed “Chaos” was disclosed in Atlassian’s popular Confluence software that allows […]

Silently Weaponizing the VMware Zero-Day: Inside the UNC3886 Cyber Espionage Campaign

Silently Weaponizing the VMware Zero-Day - Inside the UNC3886 Cyber Espionage Campaign

Advanced persistent threat (APT) groups are continuously evolving their tactics, techniques, and procedures (TTPs) to carry out cyber espionage campaigns against organizations globally. The latest example is that of UNC3886, an advanced China-nexus threat actor that has silently weaponized a critical zero-day vulnerability in VMware vCenter Server since late 2021 to infiltrate their targets. About […]

Massive Data Breach Exposes Over 41 Million Hathway Customers

Hathway, one of India’s largest cable TV and broadband service providers, has reportedly suffered a massive data breach impacting over 41 million customers. A hacker going by the alias “dawnofdevil” claims to have breached Hathway’s database and obtained sensitive personal information of millions of customers. This shocking cyber attack demonstrates the growing threat of data […]

FBot: A New Python Hacking Tool Targeting Cloud Services and SaaS Platforms

FBot -A New Python Hacking Tool Targeting Cloud Services and SaaS Platforms

A dangerous new hacking tool called FBot has recently emerged in the cybercrime underground. FBot is a Python-based tool designed to target popular web servers, cloud services, content management systems (CMS), and software-as-a-service (SaaS) platforms. In this post, we’ll take an in-depth look at FBot, its capabilities, and how organizations can protect themselves. Overview of […]

Cyber Espionage Campaign Sea Turtle – Targets Dutch IT and Telecom Companies

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

The cyber threat landscape continues to evolve with new groups and campaigns emerging regularly. One such threat actor that has garnered attention recently is Sea Turtle, a Turkey-nexus Advanced Persistent Threat (APT) group conducting cyber espionage campaigns since at least 2017. This article provides an in-depth look at Sea Turtle’s activities, attack methods, and impact […]

Hackers Target UK Nuclear Waste Service via LinkedIn

Hackers Target UK Nuclear Waste Service via LinkedIn

The UK’s nuclear industry has again found itself in the crosshairs of cybercriminals. Nuclear Waste Services (NWS), the government-owned company responsible for managing radioactive waste, recently revealed that hackers attempted to breach its security through LinkedIn. While the attack was ultimately unsuccessful, it has raised alarms about the vulnerability of critical infrastructure to cyber threats. […]

[Alert] Cyber Attack On Albanian Parliament & Telecom Company

[Alert] Cyber Attack On Albanian Parliament & Telecom Company

Cyberattacks have become a formidable challenge for nations worldwide, and the Albanian Parliament, along with One Albania Telecom, fell victim to this modern menace in December 2023. In this deep dive, we shall scrutinize the assault by the Iranian-based hacker group, Homeland Justice, assess its implications for cybersecurity in Albania, and elucidate the strides taken […]

‘GambleForce’ – A New Hacker Group Attacking APAC Organisations Using SQL Injection

New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection

In the intricate web of global cybersecurity, a new player has emerged from the shadows of the Asia-Pacific (APAC) region. The group, known as “GambleForce”, has compelled the world to take notice through a series of precise, calculated cyberattacks. In this blog post, we unravel the modus operandi of this clandestine group, explore the vulnerabilities […]

Instant penetration testing quote

Get your instant and free penetration testing quote now.