Author: Admin
July 30, 2024Ravi LakshmananMobile Security / Spyware A new iteration of a sophisticated Android spyware called Mandragora was found in five apps that were available for download from the Google Play Store and remained undetected for two years. The apps attracted a total of more than 32,000 installs before being removed from the app storefront, Kaspersky said on Monday. Most of the downloads come from Canada, Germany, Italy, Mexico, Spain, Peru and the UK “The new samples included new levels of obfuscation and evasion techniques, such as moving malicious functionality into obfuscated proprietary libraries, using certificate pinning for C2 communication,…
As more people work remotely, IT departments must manage devices spread across cities and countries, relying on VPNs and remote monitoring and management (RMM) tools for system administration. However, like any new technology, RMM tools can also be used maliciously. Threat actors can connect to a victim’s device and run commands, steal data, and remain undetected. This article will look at real-world examples of RMM exploits and show you how to protect your organization against these attacks. What are RMM tools? RMM software simplifies network management by allowing IT professionals to remotely troubleshoot problems, install software, and upload or download…
July 30, 2024Ravi LakshmananMalware/cyber threats Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024, which led to the deployment of several malware families, such as Tesla agent, Formand Remcos RAT. According to cybersecurity firm ESET, some other regions targeted include Italy and Romania. “The attackers used previously compromised email accounts and company servers not only to distribute malicious emails, but also to host malware and collect stolen data,” ESET researcher Jakub Kalach said in a report released today. Spread over nine waves, these campaigns are distinguished by the use of a…
July 30, 2024Ravi LakshmananCyber espionage / malware A nation-state threat entity known as SideWinder has been attributed to a new cyberespionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. BlackBerry Research and Intelligence Group, which revealed Due to this activity, countries such as Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal and Maldives are targeted by the phishing campaign. SideWinder, which also goes by the names APT-C-17, Baby Elephant, Hardcore Nationalist, Rattlesnake and Razor Tiger, is believed to be linked to India. It has been in operation since 2012, often using phishing as a vector to…
he Communications and Information Ministry has given six unregistered foreign online travel agents (OTAs) a deadline of March 13 to comply with Indonesian regulations before the government moves to block local access to their platforms.The ministry’s written warning issued on Tuesday to the six firms refers to the government’s licensing framework on its censorship powers and digital taxation policies. “In the event that the six foreign private ESPs [electronic system providers] do not respond to the warning letter, the Communications and Information Ministry can impose administrative sanctions in the form of termination of access to [their platforms],” the ministry stated…
July 30, 2024Ravi LakshmananMalware / Email Security Cybersecurity researchers are warning of a new phishing campaign targeting Microsoft OneDrive users to execute a malicious PowerShell script. “This company relies heavily on social engineering tactics to get users to execute a PowerShell script, thereby compromising their systems,” Rafael Pena, Trellix security researcher. said in Monday’s analysis. A cyber security company is tracking a “cunning” phishing and download campaign called OneDrive Pastejacking. The attack is deployed via an email that contains an HTML file that, when opened, displays an image that mimics the OneDrive page and displays an error message that reads:…
Home » TOURISM NEWS » Mali is surging the tourism industry with visa free travel policy to 24 countries , including United Arab Emirates, Morocco and Indonesia Sunday, July 28, 2024Reading Time: 3 minutesMali, a landlocked country in western Africa, is predominantly situated in the Saharan and Sahelian regions. The landscape of Mali is largely flat and arid, with the Niger River flowing through its interior. This river acts as the main trading and transport artery of the country, periodically flooding to provide fertile agricultural soil and pasture for livestock.Despite being one of the largest countries in Africa, Mali has…
A recently patched security flaw affecting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware. Attacks involve exploitation CVE-2024-37085 (CVSS Score: 6.8), an Active Directory integration authentication bypass that allows an attacker to gain administrative access to a host. “An attacker with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group (“ESXi Administrators” by default) after deleting it. from AD, VMware owned by Broadcom noted in a recommendation published at…
Indonesian officials have cross-checked A ransomware attack on Indonesia’s Temporary National Data Center (PDNS) has disrupted various digital public services, including immigration, since Thursday, June 20, 2024. The National Cyber and Crypto Agency (BSSN) confirmed the incident, which has impacted over 200 government agencies at both national and regional levels. According to the head of BSSN Hinsa Siburian, efforts to address the disruption are ongoing in coordination with the Ministry of Communication and Information and other relevant parties. The hacking group behind the attack has demanded an $8 million ransom, which the government has refused to pay, the Washington Post…
Attachments In less than a month, Indonesia was hit with flash floods and a deadly earthquake—and InAWARE was there to help Flooding and landslides in Luwu in early October 2021 were followed by a M4.8 earthquake in Bali less than two weeks later. For the national government of Indonesia, responding to complex and concurrent disasters such as this is not an uncommon scenario. Disaster managers need critical, life-saving information to aid rapid response during large-scale hazards that present potentially devastating impacts. That is why they rely on InAWARE, a customized version of PDC’s powerful DisasterAWARE platform that is used by…