Advanced persistent threat (APT)

From Security Week – Russian Espionage Group Using Ransomware in Attacks

[[{"value":"Russian-speaking espionage group RedCurl has been deploying ransomware on victims’ networks in a recent campaign. The post Russian Espionage Group Using Ransomware in Attacks appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 27, 2025

News

From Cyber Security News – Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild

Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered a zero-day vulnerability being actively exploited by sophisticated threat actors. The vulnerability, identified…

shaikh Saqib March 26, 2025

News

From The Hacker News – Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a

shaikh Saqib March 26, 2025

News

From Cyber Security News – Hackers Exploit Windows MMC Zero-Day Vulnerability to Execute Malicious Code

A sophisticated campaign by Russian threat actors exploiting a critical zero-day vulnerability in the Microsoft Management Console (MMC). The vulnerability, CVE-2025-26633, allows attackers to bypass security features and execute malicious…

shaikh Saqib March 25, 2025

Vulnerabilities

From Cybersecurity Help – Chinese hackers caught spying on major telecom provider in Asia

The group employed a combination of web shells and tunneling methods to facilitate long-term persistence within the network. Read More

Samir K March 25, 2025

News

From Cyber Security News – Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials

Luxury automotive manufacturer Jaguar Land Rover (JLR) has become the latest victim of the rapidly emerging HELLCAT ransomware group, with sensitive internal documents and employee data now exposed on hacking…

shaikh Saqib March 17, 2025

News

From Dark Reading – China-Backed Hackers Backdoor US Carrier-Grade Juniper MX Routers

Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell." Read More

shaikh Saqib March 13, 2025

News

From Security Week – Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers

[[{"value":"China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers. The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 12, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: March 07, 2025

In brief: Russian crypto exchange Garantex seized by police, the US charges Chinese hackers, major Western chatbots are spreading Russian propaganda, and more. Read More

shaikh Saqib March 7, 2025

News

From The Hacker News – 2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT

A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice's product suite to sidestep detection efforts and deliver the Gh0st RAT malware. "To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid," Check Point

shaikh Saqib February 25, 2025

News

From Security Week – How China Pinned University Cyberattacks on NSA Hackers

[[{"value":"A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division. The post How China Pinned University Cyberattacks on NSA Hackers appeared first on…

shaikh Saqib February 21, 2025

News

From Cyber Security News – BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard’s Attacks

Microsoft Threat Intelligence has exposed a subgroup within the Russian state actor Seashell Blizzard, known as the “BadPilot campaign.” This subgroup has been conducting a multiyear operation to compromise Internet-facing…

shaikh Saqib February 13, 2025

News

From Cyber Security News – Hackers Exploiting Ivanti Connect Secure RCE Vulnerability to Install SPAWNCHIMERA Malware

A critical vulnerability in Ivanti Connect Secure (CVE-2025-0282) is being actively exploited by multiple threat actors to deploy an advanced malware variant known as SPAWNCHIMERA. This vulnerability, disclosed in January…

shaikh Saqib February 12, 2025

News

From Cyber Security News – Researchers Unveiled Tactics, Techniques, and Procedures Used by North Korean Hackers

Researchers have shed light recently on the sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean hackers. This comprehensive analysis, spanning nearly three years, focuses on targeted digital threats…

shaikh Saqib February 11, 2025

News

From Cyber Security News – Cisco Hacked – Ransomware Group Allegedly Breach Internal Network & Gained AD Access

Cisco has reportedly fallen victim to a significant data breach, with sensitive credentials from its internal network and domain infrastructure leaked online. The breach is allegedly linked to the Kraken…

shaikh Saqib February 10, 2025