Over the last weeks, hundreds of organizations, including 2 DOE agencies, were impacted by ransomware attacks as a result of the MOVEit Transfer vulnerability, CVE-2023-34362. This vulnerability enables attackers to escalate privileges and gain unauthorized access to sensitive data and systems. The threat group’s MO is to encrypt the victim’s data and threaten […]
APT35 (also known as Charming Kitten, Phosphorus, Newscaster, and more) is an Iranian state-sponsored cyber-espionage group that primarily targets governmental organizations, defense contractors, research institutions, and human rights activists. The group’s sophisticated cyber attacks use a variety of tactics, techniques, and procedures (TTPs) such as spear-phishing, social engineering, and malware deployment to obtain data from […]
In March 2023, Microsoft published a critical update notifying users of a vulnerability affecting Microsoft Outlook. This vulnerability (CVE-2023-23397) is exploitable by attackers on Windows-based versions of Outlook. Because it is relatively simple to exploit, doesn’t require any reaction from targeted users, and has a growing number of victims, this vulnerability received a high CVSS […]
Only recently discovered, “Beep” malware is already making headlines in the world of cybersecurity. Designed to fly under the radar of security software with a range of evasion techniques, Beep malware has been targeting Windows systems and has become a cause for serious concern due to its impressive capabilities and high level of sophistication. In […]
ChatGPT: The Hacker’s New Best Friend? Frequently in the news, ChatGPT has become the fastest-growing consumer application in history. The Artificial Intelligence (AI) tool is an AI language model developed by OpenAI, a heavy hitter in artificial intelligence. The ChatGPT app creates coherent and fluent text and is capable of undertaking specific tasks with relatively […]
Agent Tesla, a leading malware threat to organizations, has the ability to steal sensitive information and is continuing to evolve and spread. It is offered as Malware-as-a-Service and is growing in popularity among threat actors. In our latest Campaign of the Month, we explore Agent Tesla’s capabilities and provide a comprehensive technical analysis. You will […]
AWS Lambda, one of AWS’ 200 outstanding services, is an event-driven, serverless computing platform that allows you to run code for applications and backend services without provisioning or managing servers. It is a highly beneficial, innovative platform that developers widely use for writing and executing code. However, it is not invulnerable. In our Lambda […]
Multifactor Authentication (MFA) is a popular and crucial security concept used by organizations worldwide. However, it is not invulnerable. Good examples of threats to MFA are Adversary-in-the-Middle (AiTM) attacks, in which adversaries bypass different user authentication techniques while remaining inconspicuous. These types of attacks are growing due to the increasing use of […]
In early August 2022, the Vietnam-based cybersecurity company GTSC discovered a zero-day vulnerability in the Microsoft Exchange platform, which received the name “ProxyNotShell”. The Zero Day Initiative (ZDI) acknowledged this as two vulnerabilities – a Server-Side Request Forgery (SSRF) vulnerability and a remote code execution (RCE) vulnerability. Both can be executed by any user authorized […]