Lokibit alert on high

LokiBot is an information stealer that comes with a range of built-in capabilities to extract information from different applications and files. The malware was first spotted in mid-2010 when it…

Fileless Malware , On a rise to be worried

According to a recent Cisco study title 'Threat Landscape Trends,' fileless threats have topped as the most common critical-severity cybersecurity threat to endpoints in the threat category list. Endpoint security…

Zerologon ! Goes Wild

Threat actors are activly exploiting the Windows Server Zerologon vulnerability in recent attacks. Microsoft strongly recommends all Windows administrators to install the security updates.As part of the August 2020 Patch…

Aruba Clear pass RCE bypassed

A critical vulnerability has been patched in Aruba ClearPass Policy Manager that exposes host systems to remote exploitation. The flaw is classed as an unauthenticated remote code execution (RCE) vulnerability…

Hijacking Firefox

The SSDP engine of the victims' Firefox browsers can be tricked into triggering an Android intent by simply replacing location of the XML file in the response packets with a…

Maze infects via VM 🐾

The gang responsible for the Maze ransomware family conducted an attack in which they distributed their malware payload inside of a virtual machine (VM). The attackers packaged the ransomware payload…

Ngrok Abused

Cybercriminals have been using ngrok—a cross-platform application to expose local development servers to the internet, for malicious purposes for years now. An organization was targeted by a keylogger, where malicious…