The Rhysida Ransomware Group Claimed: The China Energy Engineering Corporation has been recently added to the Rhysida Ransomware Gang’s list of victims on its Tor leak site. CEEC, a state-owned company in China operating in the energy and infrastructure sectors, stands as one of the nation’s major integrated energy companies with a significant industry presence. … Read more
MagicLine4NX Exploit Supply Chain Attacks: In a collaborative effort, the NCSC and Korea’s National Intelligence Service (NIS) have come together to share a crucial report, sounding the alarm on a recent upsurge in supply chain attacks exploiting a zero-day vulnerability in MagicLine4NX software—unveiled as Operation Dream Magic. These nefarious activities have been traced back to … Read more
Private RSA Key Extraction Research: In a recent study, researchers have uncovered a concerning vulnerability that allows passive network attackers to potentially access private RSA host keys from susceptible SSH servers. This exploit capitalizes on the observation of natural computational faults occurring during the connection establishment process. Delving into the technical landscape, the Secure Shell … Read more
Artificial Intelligence on the Verge of Breakout: Embarking on a journey that traces back to the 1930s, recent progress in generative AI marks significant advancements that extend beyond mere technological innovations, influencing various industries. These state-of-the-art algorithms act as digital maestros, seamlessly orchestrating tasks such as summarizing emails, crafting responses, generating meeting updates, composing slideshows, … Read more
Atomic macOS Stealer AMOS malware: In a concerning development, the ‘ClearFake’ browser update campaign has reached macOS, targeting Apple computers with the Atomic Stealer (AMOS) malware. The narrative began unfolding in July of this year, with ClearFake initially focusing on Windows users. Using deceptive Chrome update prompts on compromised websites through JavaScript injections, the campaign … Read more
HrServ Web Shell: In a digital landscape filled with complexities, a clandestine player has emerged, deploying an enigmatic web shell named HrServ in a suspected advanced persistent threat (APT) assault against an undisclosed government entity in Afghanistan. This elusive web shell, donned with the cryptic moniker “hrserv.dll,” reveals a sophisticated nature, boasting advanced functionalities such … Read more
“Diamond Sleet” Supply Chain Attack: Microsoft recently uncovered a troubling incident involving a supply chain attack, skillfully executed by North Korean hackers. These cyber operatives attached a malicious file to an authentic photo and video editing application installer. In a blog post released on Wednesday, Microsoft Threat Intelligence shed light on the situation, attributing the … Read more
Lockbit Strikes Boeing: Lockbit, a well-known cybercrime group infamous for its extortion tactics involving the theft and subsequent release of sensitive data, recently targeted Boeing, a global giant in defense and space contracting. The group had previously issued a warning, claiming to possess a substantial amount of sensitive data from the aerospace company. Their ultimatum … Read more
Stay Informed, Stay Protected With-increasing reliance on technology, the threat of hacking has become a pressing concern for individuals and organizations alike. It is essential to take proactive steps to protect yourself and your valuable information in the digital realm. In this blog post, we will delve into the intricacies of online safety and share … Read more
Introduction Blockchain and Smart Contracts: The post discusses about the vulnerabilities in Blockchain and smart contracts that have emerged as transformative technologies, promising enhanced security and transparency. However, like any technology, they are not immune to vulnerabilities. In this blog, we will explore the vulnerabilities found in blockchain and smart contracts, their impact, the damage … Read more