LabHost Exploits Phishing-as-a-Service to Target Canadian Financial Institutions
LabHost leverages PhaaS to attack Canadian banks. LabHost and Frappo offer competing phishing kits. LabRat and LabSend augment campaign management.
Zoom Strengthens Security with Critical Vulnerability Fixes
Zoom fixes critical Windows software flaw. High-severity privilege escalation issue patched. Users urged to update Zoom for protection.
Exploring the Growth of Managed Service Providers with Secure NaaS
Secure NaaS transforms MSP network management. Offers scalable solutions and integrated security. Enables cost savings and focuses on core functions.
Roundcube Webmail Users Alerted to XSS Security Threat
CISA issues alert for Roundcube XSS flaw. Roundcube versions prior to 1.6.3 are affected. Updating systems is crucial to prevent…
Rust-Based Backdoor Targets Mac Users Posing as Visual Studio Update
New Rust-based backdoor poses as Visual Studio. Malware targets macOS, with variants differing slightly. Bitdefender's report links backdoor to ransomware…
Zardoor Backdoor Targets Islamic Charity with Advanced Evasion Techniques
Zardoor malware backdoor targets charity. Uses proxy tools for stealth and persistence. Analysis by Talos reveals technical details.
Fortinet Alerts Users to Actively Exploited SSL VPN Vulnerability
Fortinet warns of actively exploited vulnerability. Disabling SSL VPN suggested as immediate countermeasure. Recent cyberattacks confirm the vulnerability's active exploitation.
Strategic Infiltration: PRC Cyber Group Targets US Critical Infrastructure
Volt Typhoon infiltrates U.S. infrastructure. Group maintained access for over five years. CISA issues detailed threat advisory.
Decoding ‘The Bear and the Shell’: Campaign Targets Russian Government Critics
Cluster25 discovers a Russian-targeting phishing campaign. Attackers deploy NASA-themed emails to install HTTP-Shell. Evidence suggests Russian state-sponsored cyber activity.
Linux Kernel Vulnerability CVE-2023-6200 Enables Code Execution via IPv6
Linux kernel CVE-2023-6200 allows remote code execution. Exploitation possible via ICMPv6 router advertisement packets. Update to kernel version 6.7-rc7 to…