Beware of Phishing Attack that Abuses SharePoint Servers

A massive phishing campaign exploits Microsoft SharePoint servers to host malicious PDFs containing phishing links. As observed by ANY.RUN, this sophisticated attack has seen an alarming surge, with over 500 public sandbox sessions detecting SharePoint...

Critical PHP Vulnerability CVE-2024-4577 Actively Exploited in the Wild

A critical vulnerability in PHP, tracked as CVE-2024-4577, is being actively exploited by threat actors in the wild just days after its public disclosure in June 2024. The flaw affects PHP installations running in CGI...

Hackers Leveraging Compiled V8 JavaScript In Wild To Deploy Malware

Hackers exploit compiled V8 JavaScript to obfuscate their malicious code, as the compiled bytecode effectively hides the malware's original source code and intentions. Recently, the use of compiled V8 JavaScript by malware authors has been...

Kimsuky Hackers Attacking Organizations Using Weaponized EXE & DOCX Files

Hackers often use EXE and DOCX file formats because they are among the most commonly used types of files that can be easily disguised as legitimate. EXE files can be used to deliver...

Information Stealing Malware Distributed as AI Tools & Chrome Extensions

The first half of 2024 has seen a significant rise in information-stealing malware disguised as AI tools and Chrome extensions. This trend highlights cyber criminals' increasing sophistication and adaptability as they exploit emerging technologies...

Beware of Open-Source Neptune Stealer Delivered Via GitHub

Cybersecurity analysts have identified a new malware strain known as Neptune Stealer. This malicious software, designed to steal sensitive information from infected systems, is being distributed openly via GitHub, a popular platform for hosting...

Kematian Stealer Abuses PowerShell Tool for Covert Data Exfiltration

The Kematian Stealer has emerged as a sophisticated PowerShell-based malware that covertly exfiltrates sensitive data from compromised systems. This article delves into the intricate workings of this malicious tool, highlighting its methods and the...

New Volcano Demon Ransomware Group Threatening Victims Over Phone Call

A novel malware known as Volcano Demon has been observed targeting Windows workstations and servers, obtaining administrative credentials from the network. The threat actor doesn't have a leak site and instead uses phone calls to...

Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware

Cybersecurity experts have identified a malicious QR code reader app on Google Play that is delivering the notorious Anatsa banking malware. This discovery underscores the persistent threat posed by malicious apps in official app...

International Operation Takes Down 593 Malicious Cobalt Strike Servers

Law enforcement agencies from around the world have successfully shut down 593 rogue servers running unauthorized versions of Cobalt Strike, a tool often misused by cybercriminals. The operation, codenamed "Operation Morpheus," was spearheaded by the...
