/ Security News /

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that’s dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light on April 14, 2017, when a hacking group known as the Shadow Brokers leaked the …

/ Security News /

It’s natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes obsolete, often overnight. This combination usually …

/ Government Security Alerts /

Summary This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following CISA Alerts: Similar to Sparrow—which scans for signs of APT compromise within an M365 or Azure environment—CHIRP …

/ Security News /

Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool (EOMT), the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using the Microsoft Safety Scanner for any deployed …

/ Security News /

A popular jailbreaking tool called “unc0ver” has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ver v6.0.0, was released on Sunday, according to its lead …

/ Security News /

On August 13, 2016, a hacking unit calling itself “The Shadow Brokers” announced that it had stolen malware tools and exploits used by the Equation Group, a sophisticated threat actor believed to be affiliated to the Tailored Access Operations (TAO) unit of the U.S. National Security Agency (NSA). Although the group has since signed off …

/ Security News /

Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached “several French entities” — is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, …

/ Security News /

A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported …

/ Security News /

Last week, application security company ImmuniWeb released a new free tool to monitor and measure an organization’s exposure on the Dark Web. To improve the decision-making process for cybersecurity professionals, the free tool crawls Dark Web marketplaces, hacking forums, and Surface Web resources such as Pastebin or GitHub to provide you with a classified schema of …

/ Security News /

The hacking team behind the “unc0ver” jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver’s lead developer Pwn20wnd said “every other jailbreak released since iOS 9 used …