Cyber Attack

Cyble Research and Intelligence Labs (CRIL), CRIL has uncovered a Go Stealer possibly targeting the Indian Air Force. This malware is propagated through a ZIP file named “SU-30_Aircraft_Procurement”. The ZIP file is hosted on Oshi (hxxps://oshi[.]at/ougg), an anonymous file storage platform and the Threat Actor (TA) could potentially be distributing …

North Korean hackers are sharing money-laundering and underground banking networks with fraudsters and drug traffickers in Southeast Asia, according to a United Nations report published on Monday, with casinos and crypto exchanges emerging as key venues for organized crime. The United Nations Office of Drugs and Crime (UNODC) said without …

Recorded Future, a threat intelligence firm, has cautioned that malicious actors are using GitHub services more to carry out secret cyber-attacks and has advised IT teams to act. Its new report, Flying Under the Radar: Abusing GitHub for Malicious Infrastructure, revealed the most popular GitHub services for threat actors. Between …

The global cyber insurance market is expected to reach $90.6 billion by 2033, with a growth rate of 22.3% annually from 2023, as analyzed by Market.Us. The industry is expected to reach $14.8 billion by the end of 2024, up from a projected $12.1 billion in 2023. The report pointed …

Saudi Arabia’s Ministry of Industry and Mineral Resources (MIM) had an exposed environment file containing sensitive details. The Cybernews reported that this data was accessible for 15 months. An environment file gives instructions to computer programs and is important for any system. Leaving these files open to anyone can expose …

The airport’s screens were hacked with messages criticizing Hezbollah and its leaders for endangering Lebanon and risking war with Israel. The screens at Beirut’s airport were hacked by anti-Hezbollah groups, showing the conflict between Hezbollah and Israel. The message accused Hezbollah of risking war with Israel. “Hassan Nasrallah, you will …

Security researchers found that Apache RocketMQ services are being targeted by malicious activities. The vulnerabilities, known as CVE-2023-33246 and CVE-2023-37582, remain a serious threat even after the vendor released patches in May 2023. Vulnerability Overview: The CVE-2023-33246 affected different parts of RocketMQ, such as NameServer, Broker, and Controller. Rongtong Jin, …

Cyber Threat Intelligence Unit of BGD e-GOV CIRT has detected a suspicious ongoing phishing campaign by APT group named as SideWinder targeted at Bangladeshi entities such as Bangladesh Armed Forces Division (AFD) and Law Enforcement Agencies. The group is known as a highly active hacker group who has shown the …

Google’s cybersecurity firm Mandiant get back its x (twitter) account after being taken over by someone sharing links to a cryptocurrency platform. On Wednesday afternoon around 3:30 pm EST, the scammar took the control over mandiant’s x account, renamed it as phantom and tweeted out links to a company called …

Around 11 million SSH servers are at risk from the Terrapin attack, which can compromise the security of certain SSH connections. This constitutes roughly 52% of all scanned samples in the IPv4 and IPv6 space monitored by Shadoserver. The Terrapin attack, created by researchers from Ruhr University Bochum in Germany, …