Cybersec Sentinel - Cybersec Sentinel (Page 15)

Cybersec Sentinel

Cybersec Sentinel: 30+ years of IT expertise, delivering clear, actionable cyber security insights.

Fake LinkedIn Job Offers Hide Dangerous Malware

Fake LinkedIn Job Offers Hide Dangerous Malware

Threat Type: Malware (Dropper and Payload) Exploited Vulnerabilities: macOS systems, social engineering (LinkedIn) Malware Used: COVERTCATCH Threat Score: High (8.2/10) — Targeting macOS and Web3 developers with sophisticated social engineering tactics. Last Threat Observation: September 7, 2024, reported by Vumetric, Mandiant, and other platforms. Overview: A new malware campaign,

Angry Stealer Malware - A Sophisticated Data Theft Tool on the Rise

Angry Stealer Malware - A Sophisticated Data Theft Tool on the Rise

Threat Group: Unknown Threat Type: Info-stealing malware Exploited Vulnerabilities: User accounts, browser data, cryptocurrency wallets Malware Used: Stepasha.exe, MotherRussia.exe Threat Score: High (8.0/10) — Due to its ability to exfiltrate sensitive data stealthily via Telegram and the comprehensive data it targets. Last Threat Observation: September 2024, observed

Minecraft Under Siege: Record-Breaking 3.15 Billion Packet DDoS Attack Marks a New Era of Cyber Threats

Minecraft Under Siege: Record-Breaking 3.15 Billion Packet DDoS Attack Marks a New Era of Cyber Threats

Threat Details: * Threat Group: Unknown (Utilised multiple botnets) * Threat Type: Distributed Denial of Service (DDoS) * Exploited Vulnerabilities: Devices vulnerable to CVE-2023-2231 (e.g., DrayTek Vigor routers, Hikvision IP cameras) * Malware Used: Not specified, but botnets were leveraged * Threat Score: High (9/10) — Due to the unprecedented packet rate and multi-vector

Rust-Based Cicada3301 Targets Virtual Machines and Critical Systems

Rust-Based Cicada3301 Targets Virtual Machines and Critical Systems

Threat Group: Cicada3301 Ransomware Operators Threat Type: Ransomware-as-a-Service (RaaS) Exploited Vulnerabilities: Poorly secured VMware ESXi systems, Weak Passwords, Brute-forcing via Brutus botnet Malware Used: Cicada3301 Ransomware Threat Score: High (8.5/10) — Due to its focus on critical infrastructure (VMware ESXi), advanced encryption techniques, and cross-platform targeting capabilities. Overview Cicada3301

Rising Phobos Ransomware Activity in High-Impact Sectors

Rising Phobos Ransomware Activity in High-Impact Sectors

Threat Group: Phobos Ransomware Operators Threat Type: Ransomware-as-a-Service (RaaS) Exploited Vulnerabilities: Exposed Remote Desktop Protocol (RDP) Ports, Weak Passwords, Phishing Attacks Malware Used: Phobos Ransomware Overview: Phobos ransomware remains a significant and evolving threat, particularly targeting critical sectors such as healthcare, government, and education. Since its emergence in 2019, Phobos

Cybersec Sentinel Is Back—and Better Than Ever!

Cybersec Sentinel Is Back—and Better Than Ever!

After a week of being offline, we’re thrilled to announce that Cybersec Sentinel is back, stronger, and more secure than ever before! This wasn’t just a routine update—this was a strategic overhaul to ensure that Cybersec Sentinel can continue to be your trusted source for cybersecurity advisories

APT Group Citrine Sleet Deploys FudModule Rootkit via Chrome Vulnerability

APT Group Citrine Sleet Deploys FudModule Rootkit via Chrome Vulnerability

Threat Group: Citrine Sleet (North Korea-linked APT group) Threat Type: Advanced Persistent Threat (APT) Exploited Vulnerability: Google Chrome Zero-Day (CVE-2024-7971) Malware Used: FudModule Rootkit Overview A North Korea-linked APT group, known as Citrine Sleet, has been identified exploiting a newly discovered zero-day vulnerability in Google Chrome (CVE-2024-7971). This vulnerability, a

Malware Disguised as GlobalProtect VPN

Malware Disguised as GlobalProtect VPN

Summary Cybersecurity researchers have identified a new malware campaign targeting users in the Middle East. The malware, disguised as the Palo Alto Networks GlobalProtect VPN tool, demonstrates a sophisticated infection chain and utilizes advanced Command and Control (C&C) infrastructure to evade detection. This advisory provides a detailed analysis

Qilin Ransomware Adopts Aggressive Credential Harvesting - October 2024 Update

Qilin Ransomware Adopts Aggressive Credential Harvesting - October 2024 Update

Threat Group: - Qilin (formerly known as "Agenda") Threat Type: - Ransomware-as-a-Service (RaaS) Exploited Vulnerabilities: - Zero-day vulnerabilities, VPN access without multi-factor authentication (MFA), spear-phishing, and remote monitoring tools Malware Used: - Qilin Ransomware, with variants developed in Golang and Rust Threat Score: - High (8.8/10)

KOK08 Ransomware: What to Know

KOK08 Ransomware: What to Know

Overview KOK08 ransomware, identified as a variant of the Matrix ransomware family, is involved in malicious activities including file encryption and data exfiltration. This ransomware uses sophisticated methods that are consistent with the broader trends observed in 2024, where targeted attacks on critical infrastructure and high-value targets have become more