Our news
-
Babuk Ransomware-as-a-Service (RaaS) Gaining Popularity
In early 2021, the Babuk ransomware operation emerged, targeting businesses through double-extortion attacks. Multiple large enterprises were attacked, with one victim having to pay $85,000 after negotiations. However, the group faced a setback when their ransomware source code and various encryptors and decryptors were leaked on a Russian-speaking hacking forum in September 2021. Their activities…
-
New “Greatness” Phishing-as-a-Service Tool Already Active in Phishing Campaigns
A new phishing tool called “Greatness” has been discovered and deployed in various phishing campaigns since mid-2022. Security researchers identified several features commonly found in advanced phishing-as-a-service (PaaS) offerings like multi-factor authentication (MFA) bypass, IP filtering, and integration with Telegram bots. Greatness specifically targets victims through Microsoft 365 phishing pages and provides affiliates with an…
-
CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability
CISA and FBI have released a joint Cybersecurity Advisory (CSA), Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability (CVE-2023-27350). FBI observed malicious actors exploit CVE-2023-27350 beginning in mid-April 2023 and continuing through the present. In early May 2023, FBI observed a group…
-
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF and enables an unauthenticated actor to execute malicious code remotely without credentials. PaperCut released…
-
Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which…
-
Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries,…
-
Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which…
-
Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which…
-
Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which…
-
Sophisticated Techniques Implemented by ViperSoftX InfoStealer to Evade Detection
A widespread cryptocurrency- and information-stealing malware called ViperSoftX has affected numerous victims across consumer and enterprise sectors throughout Australia, Japan, the U.S., and India. ViperSoftX is a JavaScript-based Remote Access Trojan (RAT) that allows remote access and control over infected machines. This evasive malware has recently adopted advanced encryption and anti-analysis techniques to avoid detection.…