EHA
Hackers Attack Email Servers

Hackers Exploit Zimbra and Roundcube Email Servers to Attack Government Organizations

An alarming spear-phishing campaign has been uncovered, specifically aimed at government organizations. This attack preys on the vulnerabilities of Zimbra and Roundcube email servers. It is crucial that immediate action is taken to secure...
CISA Urge Gov Agencies to Apply Patch for Windows and Office zero-days Immediately

CISA Urge Gov Agencies to Apply Patch for Windows and Office zero-days Immediately

CISA urged government agencies to apply the patch immediately for Microsoft Office and Windows HTML remote code execution vulnerabilities exploited in the wild. As a result, these vulnerabilities have frequently been exploited and pose significant...
JumpCloud Hacked –  Hackers Breached The Systems Via Spear-Phishing Attack

JumpCloud Hacked – Hackers Breached The Systems Via Spear-Phishing Attack

A sophisticated nation-state adversary with advanced capabilities attacked Jumpcloud with a spear phishing attack. JumpCloud is a US-based zero-trust directory platform that customers use to authenticate, authorize, and manage users, devices, and applications.  On July 12,...
IT Security Analyst Jailed

IT Security Analyst Jailed for Impersonating as a Hacker in Own Company

A 28 years old Former IT security analyst of an Oxford-based company has been sentenced to three years for deceiving the company to extort money. On 27 February 2018, the man impersonated a ransomware group...
WooCommerce Payments Underway

Massive Exploit Against WooCommerce Payments Underway Bug on 600,000 Websites

Hackers actively target vulnerable WordPress websites in an effort to take advantage of a widespread WooCommerce Payments plugin vulnerability and gain admin rights. The WooCommerce Payments plugin, with more than 600,000 active installations, facilitates credit...
WormGPT – AI Tools Used by Threat Actors to Launch Cyber Attacks

Hackers use WormGPT to Launch Sophisticated cyberattacks

Generative AI technology is rapidly growing and advancing, driven by continuous research and development efforts. But, besides the growing advancements and positive things, these generative AI technologies are also actively exploited by threat actors for...
Russian Cyber Playbook

5 Phases of Russian Cyber Playbook in Attacks Against Ukraine

Russia's invasion of Ukraine on February 24, 2022, followed escalating cyber operations, categorized into six phases, by Russian troops amassed at the border. Beyond the focus on wipers, Russian military intelligence (GRU) utilizes a unified...
APT Groups Actively Targeting Outlook Online

Chinese APT Groups Actively Targeting Outlook and Exchange Online Email Accounts

A china based APT actor accessed Microsoft 365 cloud environment and exfiltrated unclassified Exchange Online Outlook data from a small number of accounts. In June 2023, a Federal Civilian Executive Branch (FCEB) agency observed suspicious activity...
Multi-stage TOITOIN Trojan Abusing Amazon EC2 Instances to Evade Detections

Multi-stage TOITOIN Trojan Abusing Amazon EC2 Instances to Evade Detections

New advanced malware targets LATAM businesses with TOITOIN Trojan, revealing intricate layers. The complete attack is based on a multi-stage process that involves the following key things which highlight the severe effect of it:- Phishing...
New MalasLocker Ransomware Attacks users of Zimbra servers

MalasLocker Ransomware Attacks Users of Zimbra Servers

A Notorious MalasLocker Ransomware, which has been active since March 2023, targets Zimbra servers and demands charity donations instead of Ransom. This group mostly targets corporate companies providing business services, software, and Manufacturing services around...

Managed WAF

Website

Latest News