APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers

APT36 is a highly sophisticated APT (Advanced Persistent Threat) group that is known for conducting targeted espionage in South Asia and is strongly linked to Pakistan. While this APT group is known for targeting the...

OriginBotnet Attack Windows Machine Using Weaponized Word Document

A recently discovered cyberattack campaign used a malicious Word document delivered via phishing emails, causing victims to download a loader that launched a succession of malware payloads. OriginBotnet, RedLine Clipper, and Agent Tesla...

Loda Malware Attack Windows To Control RDP, Spread Malware, And Log User Inputs

Threat actors have been actively employing Loda, a remote access trojan (RAT) developed in AutoIt, an accessible language for automating Windows computer scripting. The malware may deliver various harmful payloads in addition to keylogging, taking...

Hackers Abuse Windows Container Isolation Framework to Bypass Security Defences

Recently, cybersecurity researchers at Deep Instinct have asserted that hackers can exploit the Windows container isolation framework to bypass the security defenses and mechanisms of organizations. Containers revolutionize the way applications are packaged and isolated,...

Researchers Discover 12 New LOLBAS Binaries that are Used by Attackers

Hackers actively leverage LOLBAS (Living-Off-the-Land Binaries-And-Scripts), a popular methodology in which threat actors exploit legitimate tools to hide their illicit actions. Since LOLBAS is gaining traction at a rapid...

Beware! DarkWatchMan RAT Hides in Windows Registry

The Cyble Research and Intelligence Labs (CRIL) recently detected a phishing website impersonating the popular Russian site CryptoPro CSP. The distribution of DarkWatchman malware was being carried out by...

Hackers Using Microsoft-signed Malicious Windows Drivers in Ransomware Attacks

Following a series of cyberattacks, including ransomware attacks, Microsoft recently revoked several Microsoft hardware developer accounts. In a coordinated disclosure, the news came from the following entities: Microsoft, Mandiant, Sophos, and SentinelOne. Authenticode signatures from Microsoft's Windows Hardware Developer Program have...

Easy Way to Fix Windows Security Not Opening in Windows

Windows Security Center is one of the most popular and trusted products from Microsoft. This product allows you to protect your PC from malware and other threats. However, some users may experience some performance...

Windows Event Log Bugs let Hackers Perform DOS & Remotely Crash Event Log Apps

Security researchers at Varonis Threat Labs recently revealed that Microsoft Windows contains two vulnerabilities in Event Logs, one of which can be exploited to cause a Denial of Service...

Cheerscrypt Linux-based Ransomware Encrypt Both Linux & Windows Systems

In a recent investigation, the security firm Sygnia found a Linux-based ransomware, Cheerscrypt. This ransomware was found using the TTPs of Night Sky ransomware. There is a common threat group called Emperor Dragonfly (A.K.A. DEV-0401/BRONZE STARLIGHT)...