Latest Threats


  1. Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics - The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities. Zeppelin ransomware is back and employing new compromise and encryption tactics in its recent campaigns against various vertical industries—particularly healthcare—as well as critical infrastructure organizations, the feds are warning. Threat actors deploying the ransomware as a service (RaaS) are tapping remote desktop protocol (RDP) exploitation and SonicWall firewall vulnerabilities–alongside…
  2. Google Patches Chrome’s Fifth Zero-Day of the Year - An insufficient input validation flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack. Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System (CVSS), is associated…
  3. Ransomware Attacks are on the Rise - Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service (RaaS) groups. With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by…
  4. iPhone Users Urged to Update to Patch 2 Zero-Days - Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. Apple is urging macOS, iPhone and iPad users to immediately install respective updates this week that include fixes for two zero-days under active attack. The patches are for vulnerabilities that allow attackers to execute arbitrary code and ultimately take over devices. Patches are available for affected devices running…
  5. Cybercriminals Are Selling Access to Chinese Surveillance Cameras - Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11-month-old command injection flaw. Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their customers span over 100 countries (including the United States, despite the FCC labeling…
  6. Supply Chain Attack Pushes Out Malware to More than 250 Media Websites - The cyber-threat actor known as TA569, or SocGholish, has compromised JavaScript code used by a media content provider in order to spread the FakeUpdates malware to major media outlets across the US. According to a series of tweets from the Proofpoint Threat Research Team posted late Wednesday, the attackers have tampered with the codebase of an application that the unnamed company uses to serve video and advertising to national and regional newspaper websites. The supply…
  7. China-Backed APT10 Supercharges Spy Game With Custom Fileless Backdoor - Chinese-speaking threat actor APT10 has been using a sophisticated and sometimes fileless backdoor to target media, diplomatic, governmental, public sector, and think-tank targets, since at least March, researchers have found. Researchers at Kaspersky have been tracking the LodeInfo malware family since 2019, they said in one of two blog posts published Monday that lay out a two-part investigation on the emerging threat. The group is bent on espionage, primarily against Japanese targets to date. However, as threat actors…
  8. FBI and CISA: Here’s what you need to know about DDoS attacks - The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning organizations to take proactive steps to reduce the impact of distributed denial-of-service (DDoS) attacks. DDoS attacks can be cheap to create but disruptive, so it could be worthwhile for network defenders to take a look at CISA's and the FBI's guidance as a backup to what they likely already know about the attacks, which can overload networks,…
  9. Ransomware Barrage Aimed at US Healthcare Sector, Feds Warn - Daixin Team has actively targeted the US Healthcare and Public Health (HPH) sector since last June, according to a joint advisory issued by the FBI, Cybersecurity and Infrastructure Agency (CISA), and the Department of Health and Human Services (HHS), which provides indicators of compromise (IoCs) and tactics, techniques and procedures (TTPs). Third-party investigations revealed that the Daixin Team ransomware is based on Babuk Locker source code, targets VMware ESXi servers and encrypts files, the advisory said. Officials…
  10. Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month - Microsoft is warning that the relatively new Raspberry Robin USB drive worm has triggered payload alerts on nearly 3,000 devices in almost 1,000 organizations in the past 30 days. Raspberry Robin malware has previously been seen installed with FakeUpdates malware, which has been linked to the Russian cyber-crime group EvilCorp. Raspberry Robin has also been used to deploy Lockbit ransomware, as well as IcedID, Bumblebee, and Truebot malware. Now, Microsoft has seen it…

What are cybersecurity threats?

A cybersecurity threat is any malicious attack by an individual or organization to gain access to another individual’s or organization’s network to corrupt data or steal confidential information. Sometimes, the attacks destroy computer systems.
No company is immune from cyber attacks and the resulting data breaches. As cyber threats become increasingly sophisticated, businesses must ensure they implement the security necessary to safeguard their data and their networks.
However, before they can do that, organizations need to understand the types of threats they’ll be facing almost daily, including:

  • Trojan: A type of malicious software (malware) or code that poses as a legitimate application or file to trick a user into loading and executing the malware on their device. A Trojan’s goal is to damage or steal an organization’s data or otherwise inflict some harmful action on its network.
  • Virus: A malicious program aimed at infecting a company’s systems, destroying data and bringing its network to a standstill. A virus attaches itself to a program, file, or document and lies dormant until some event triggers the device to execute its code.
  • Phishing attacks: A type of social engineering that attempts to trick users into bypassing normal cybersecurity practices and giving up sensitive data, such as user names and passwords, bank account information, Social Security numbers, and credit card data. Typically, hackers send out phishing scam emails that appear to come from trusted senders, such as PayPal, eBay, financial institutions, as well as friends and co-workers. The cybercriminals try to get users to click on links in the emails that will redirect them to fraudulent websites that ask for personal information or install malware on their devices. Opening attachments sent with phishing emails can also install malware on users’ devices, or allow the hackers to control their devices remotely.
  • Ransomware: Malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. … It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
  • Distributed denial of service (DDoS): A DDoS attack aims to take down a company’s website by overwhelming its servers with requests. In this attack, requests come from hundreds or thousands of IP addresses, probably belonging to devices that have themselves been compromised and are made to continuously request the company’s website. A DDoS attack overloads an organization’s servers, slowing them down significantly or temporarily taking them offline. This prevents customers from accessing the website and completing orders.