Unveiling the GRU’s Cyber Playbook – Mandiant
In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled “The GRU’s Disruptive Playbook”. The article, authored…
In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled “The GRU’s Disruptive Playbook”. The article, authored…
In a significant security breach, two US Navy personnel, Jinchao Wei and Wenheng Zhao, were arrested for transmitting sensitive military information to the People’s Republic of China (PRC). The incidents,…
Introduction A recent zero-day vulnerability in Salesforce’s software was exploited by threat actors to phish Facebook credentials. This incident was first reported by Guardio Labs, who detected a sophisticated email…
Introduction Security researchers at Tenable discovered a significant vulnerability in Microsoft’s Power Platform. This vulnerability allowed unauthorized access to cross-tenant applications and sensitive data, including but not limited to authentication…
The recently discovered critical security vulnerability in PaperCut’s NG/MF print management software, tracked as CVE-2023-39143 (NVD), has brought attention to the potential risks posed by unpatched Windows servers. This flaw…
A recent cybersecurity incident has brought to light a malicious Python package on the Python Package Index (PyPI), posing as the VMware vSphere connector module ‘vConnector’. This package, named ‘VMConnect’,…
In the ever-evolving landscape of cybersecurity in 2023, the activities of state-sponsored Advanced Persistent Threat (APT) groups have become a significant area of focus. Among these, the Chinese APT group…
A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware’s ESXi virtualised environments. IOCs however seem sadly lacking. The Abyss Locker Ransomware Launched…
Google’s annual 0-day vulnerability report has brought to light a persistent issue within the Android platform that increases the risk and usage of disclosed vulnerabilities for extended periods. The report…
CVE-2023-21716 (NVD), a critical flaw in Microsoft Office Word’s RTF parser, has been a focal point in the cybersecurity community since its private disclosure to Microsoft in November 2022. Microsoft…