EHA
Home Cyber Security Research

Cyber Security Research

Beware Of New Money Laundering Attack Targeting UPI Users

Beware Of New Money Laundering Attack Targeting UPI Users

Threat actors target UPI users as UPI offers a convenient platform for transferring money, often with less severe security than traditional banking systems.  Due to fewer security measures, threat actors exploit user behavior and transaction...
$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day

$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day

This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program. Crowdfense is the world's premier research...
Simplify Your Malware Sandboxes Configuration – Practical Guide

Practical Guide to Simplify Your Malware Sandboxes Configuration

Malware sandboxes are integral to security applications like intrusion detection, forensics, and threat intelligence, but using them correctly is challenging due to choices in implementations, monitoring techniques, and configurations.  Improper use can negatively impact applications...
CISA And FBI Warns That Hackers Use SQL Injection Vulnerabilities To Hack Servers

CISA & FBI : Hackers Exploiting SQL Injection Flaws To Hack Servers

CISA and the FBI released the Secure by Design Alert to address SQL injection vulnerabilities in software that affect thousands of organizations. A persistent class of defects in commercial software solutions is SQL injection, or...
Embedded Links in PDF Attachments

TA450 Hackers Uses Embedded Links in PDF Attachments to Attack Windows

In a concerning development in cyber warfare, the Iran-aligned threat actor known as TA450, also recognized by aliases such as MuddyWater, Mango Sandstorm, and Static Kitten, has been reported to employ a new strategy...
Researched Exploit DHCP To Escalate Privileges In Windows Domains

Hackers Exploit DHCP To Escalate Privileges In Windows Domains

Researchers at Akamai have unveiled a new technique that could potentially put millions of Windows domains at risk. This technique exploits the Dynamic Host Configuration Protocol (DHCP) administrators group to escalate privileges within Active...
Researchers Detailed Red Teaming Malicious Use Cases For AI

Researchers Detailed Red Teaming Malicious Use Cases For AI

Researchers investigated potential malicious uses of AI by threat actors and experimented with various AI models, including large language models, multimodal image models, and text-to-speech models.  Importantly, they did not fine-tune or provide additional training...
Smoke Loader Attacking Financial Institutions Running Microsoft Windows

Smoke Loader Attacking Financial Institutions Running Microsoft Windows

The reason hackers go after financial institutions is because these places have valuable things like money, intellectual property, and sensitive customer information.  Hacked financial systems can result in monetary gain by means of theft, blackmail...
PrintListener Attack

Hackers Use Fingertip Friction Sound To Steal Fingerprints

Researchers have unveiled a new cybersecurity threat that could compromise the integrity of fingerprint authentication systems worldwide. The method, dubbed "PrintListener," exploits the sound of fingertip friction on smartphone screens to infer and reconstruct...
OpenCTI With ANY.RUN: OSINT Platform to SOC & MDR Teams for Malware Analysis

OpenCTI With ANY.RUN: OSINT Platform to SOC & MDR Teams for Malware Analysis

ANY.RUN integrates with OpenCTI to streamline threat analysis, which allows enriching OpenCTI observations with data directly from ANY.RUN analysis. OpenCTI is a central hub that collects threat data from various sources, like ANY.RUN, through connectors,...

Managed WAF

Website

Latest News