Unveiling the GRU’s Cyber Playbook – Mandiant
In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled “The GRU’s Disruptive Playbook”. The article, authored…
US Navy Personnel Arrested for Espionage Activities Linked to China
In a significant security breach, two US Navy personnel, Jinchao Wei and Wenheng Zhao, were arrested for transmitting sensitive military information to the People’s Republic of China (PRC). The incidents,…
PhishForce – Salesforce Zero-Day Exploitation
Introduction A recent zero-day vulnerability in Salesforce’s software was exploited by threat actors to phish Facebook credentials. This incident was first reported by Guardio Labs, who detected a sophisticated email…
Unauthorised Access to Cross-Tenant Applications in Microsoft Power Platform
Introduction Security researchers at Tenable discovered a significant vulnerability in Microsoft’s Power Platform. This vulnerability allowed unauthorized access to cross-tenant applications and sensitive data, including but not limited to authentication…
Critical Vulnerability CVE-2023-39143 in PaperCut Poses RCE Threat to Unpatched Servers
The recently discovered critical security vulnerability in PaperCut’s NG/MF print management software, tracked as CVE-2023-39143 (NVD), has brought attention to the potential risks posed by unpatched Windows servers. This flaw…
Deceptive Python Package ‘VMConnect’ Targets VMware vSphere Users
A recent cybersecurity incident has brought to light a malicious Python package on the Python Package Index (PyPI), posing as the VMware vSphere connector module ‘vConnector’. This package, named ‘VMConnect’,…
Threat Actor Profile: Volt Typhoon
In the ever-evolving landscape of cybersecurity in 2023, the activities of state-sponsored Advanced Persistent Threat (APT) groups have become a significant area of focus. Among these, the Chinese APT group…
The Rising Threat of Abyss Locker Ransomware to VMware’s ESXi Servers
A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware’s ESXi virtualised environments. IOCs however seem sadly lacking. The Abyss Locker Ransomware Launched…
The Hidden Dangers of Android’s Patch Delays: N-Days Masquerading as Zero-Days
Google’s annual 0-day vulnerability report has brought to light a persistent issue within the Android platform that increases the risk and usage of disclosed vulnerabilities for extended periods. The report…
CVE-2023-21716: A Critical Heap Corruption Vulnerability in Microsoft Word
CVE-2023-21716 (NVD), a critical flaw in Microsoft Office Word’s RTF parser, has been a focal point in the cybersecurity community since its private disclosure to Microsoft in November 2022. Microsoft…