Attacks

While largely targeting organizations in the APAC region, this company has also been seen targeting organization in Europe, indicating that they may pivot to compromise organizations worldwide in the future. As the initial compromise in this campaign stems from phishing, the best prevention is to provide adequate user education into the latest phishing campaigns. However, this is not adequate as all it takes is one phishing attachment to slip through the cracks and get executed…

Read More

The IRS provided excellent tips for protecting against these types of scams: • File early. OK. The ship may have already sort of sailed on this one, but the earlier you file, the less time cybercriminals have to use your identity to commit fraud.• Watch out for phishing and smishing. The IRS won’t send unsolicited emails or texts. Skip the links and attachments and go straight to the IRS or the applicable state and city…

Read More

Some defensive measures can be taken to lessen the likelihood of infection by AresLoader and other malware strains alike, including: 1. Be cautious when downloading and installing software: AresLoader malware is being spread through deceptive software installers, so it’s important to be careful when downloading and installing new software. Only download software from reputable sources and be wary of any installers that look suspicious or untrustworthy. 2. Keep software up to date: Cybercriminals often exploit…

Read More

Email-based security is one of the most effective methods to help prevent malware infections from occurring in the first place. Utilizing proper email security controls, such as AV scanning and sandboxing for attachments, is highly recommended to help prevent malicious files or URLs from being presented to an end user. In cases where a malicious item may make it through, having strong endpoint security controls, such as an EDR, can help prevent a compromise of…

Read More

To protect against Nexus and other Android banking trojans, users should only download apps from official app stores, keep their devices up to date with the latest security patches, and be cautious of suspicious emails and websites. Additionally, users should enable 2FA wherever possible to add an extra layer of security. https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html?&web_view=true

Read More

The following ThinServer vulnerabilities are notable: CVE-2023-28756 (CVSS score: 7.5) and CVE-2023-28755 (CVSS score: 9.8), because they could enable an unauthenticated, remote attacker to upload any file to the directory where ThinServer.exe is installed. In addition, a threat actor might use the CVE-2023-28755 vulnerability to replace current executable files with trojanized versions. To reduce security risks, users are urged to update software to the following versions: 11.0.6, 11.1.6, 11.2.7, 12.0.5, 12.1.6, and 13.0.2. Versions 6.x…

Read More

While exploitation was not seen prior to disclosure, it is likely that these vulnerabilities will start to be exploited by attackers who modify the Proof-of-Concept exploit for their own use. This article demonstrates the need to stay up to date on patching, as the patch was released nearly 3 months before these exploits were made public. Additionally, these vulnerabilities demonstrate the need for a defense-in-depth strategy, as many of these cannot be exploited without requiring…

Read More