Threat Note

Vulnerabilities

From Cybersecurity Help – Threat actors target Ukrainian government agencies in new wave of SmokeLoader attacks

Between August and September 2023, UAC-0006 attempted to steal millions of hryvnias from organizations. Read More

Samir K October 9, 2023

News

From Cyber Security News – Webwyrm Malware Affects More Than 100,000 Users in 50 Countries

Threat actors are evolving their Tactics, Techniques, and Procedures (TTPs) at an alarming rate. With technological advancements and increased awareness of cybersecurity measures, they continually adapt to exploit vulnerabilities and…

Samir K October 9, 2023

Toolkit

From The Hacker News – Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and

Samir K October 9, 2023

Vulnerabilities

From Cybersecurity Help – The US, Ukraine, and Israel remain top targets of nation-state hackers

In addition to attacks on Ukraine, Russian threat actors intensified cyber operations against Western countries. Read More

Samir K October 9, 2023

Webinars

From The Hacker News – Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security

In today's rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex vulnerabilities and unforeseen risks that demand immediate attention from cybersecurity professionals

Samir K October 9, 2023

Research

From Cyber Security News – OpenAI is Reportedly Developing its Own AI chips

The maker of ChatGPT, OpenAI, is looking at making its own artificial intelligence chips, which are necessary for operating the highly popular chatbot. Those acquainted with the company’s ambitions claim…

Samir K October 9, 2023

News

From The Hacker News – “I Had a Dream” and Generative AI Jailbreaks

"Of course, here's an example of simple code in the Python programming language that can be associated with the keywords "MyHotKeyHandler," "Keylogger," and "macOS," this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes. Initially published by Moonlock Lab, the screenshots of ChatGPT writing code for a keylogger malware is yet

Samir K October 9, 2023

Research

From Schneier on Security – AI Risks

There is no shortage of researchers and industry titans willing to warn us about the potential destructive power of artificial intelligence. Reading the headlines, one would hope that the rapid…

Samir K October 9, 2023

Breaches

From Cyber Security News – MGM Resorts Refused to Pay Hackers’ Ransom Demand in Cyberattack

In recent news, MGM Resorts International took a bold stance in the face of a cyberattack, refusing to give in to ransomware hackers who breached its systems. The incident led…

Samir K October 9, 2023

Vulnerabilities

From Cybersecurity Help – Chinese cyber crooks backdoor low-cost Android devices for ad fraud

The malware is being installed during the supply chain process. Read More

Samir K October 9, 2023

News

From Cyber Security News – GoldDigger Disguises as Fake Android App To Steal Banking Credentials

GoldDigger, a new Android Trojan, imitates a fraudulent Android application and has been discovered to spoof both a Vietnamese government portal and a local energy provider. Since at least June…

Samir K October 9, 2023

Toolkit

From Cyber Security News – Threat Actors Employ Remote Admin Tools to Gain Access over Corporate Networks

Recently, threat actors have adapted tactics, exploiting the appeal of banned apps in specific regions, making users more susceptible to cyberattacks through cleverly crafted campaigns. In a recent campaign, Chinese…

Samir K October 9, 2023

Breaches

From Cybercrime Magazine – APIs: Unveiling the Silent Killer of Cybersecurity Risk Across Industries

Real-world breaches underscore the threat – Seemant Sehgal, CEO, BreachLock New York, N.Y. – Oct. 7, 2023 In today’s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role…

Samir K October 8, 2023

Articles

From Graham Cluley – Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

A joint advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations…

Samir K October 6, 2023

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: October 6, 2023

The world in brief: Apple, Atlassian, ARM and Qualcomm patch zero-days, NSA and CISA reveal top 10 cybersecurity misconfigs, and more. Read More

Samir K October 6, 2023

From The Hacker News – New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

From Cyber Security News – Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in South Korea

From Dark Reading – Cursor Issue Paves Way for Credential-Stealing Attacks

From Security Week – Iranian Hackers Target Defense and Government Officials in Ongoing Campaign

From Cyber Security News – TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials

From Cybersecurity Help – Sanctioned actors turn to stablecoins as evasion tactics grow more sophisticated

From Cybercrime Magazine – Official 2026 Cybersecurity Market Report: Predictions And Statistics

From Cyber Security News – Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks

From Cyber Security News – CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access

From Security Week – DoorDash Says Personal Information Stolen in Data Breach

From The Hacker News – New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

From Cyber Security News – Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in South Korea

From Dark Reading – Cursor Issue Paves Way for Credential-Stealing Attacks

From Security Week – Iranian Hackers Target Defense and Government Officials in Ongoing Campaign

From Cyber Security News – TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials

From Cybersecurity Help – Sanctioned actors turn to stablecoins as evasion tactics grow more sophisticated

From Cybersecurity Help – Threat actors target Ukrainian government agencies in new wave of SmokeLoader attacks

From Cyber Security News – Webwyrm Malware Affects More Than 100,000 Users in 50 Countries

From Cybersecurity Help – The US, Ukraine, and Israel remain top targets of nation-state hackers

From Cyber Security News – OpenAI is Reportedly Developing its Own AI chips

From The Hacker News – “I Had a Dream” and Generative AI Jailbreaks

From Schneier on Security – AI Risks

From Cyber Security News – MGM Resorts Refused to Pay Hackers’ Ransom Demand in Cyberattack

From Cybersecurity Help – Chinese cyber crooks backdoor low-cost Android devices for ad fraud

From Cyber Security News – GoldDigger Disguises as Fake Android App To Steal Banking Credentials

From Cybercrime Magazine – APIs: Unveiling the Silent Killer of Cybersecurity Risk Across Industries

From Graham Cluley – Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

From Cybersecurity Help – Cyber Security Week in Review: October 6, 2023