New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service

The identity of the individual behind the Golden Chickens malware-as-a-service has been uncovered by cybersecurity experts. The perpetrator, known online as “badbullzvenom,” has been identified in the real world. An extensive 16-month inves…

Yandex Denies Hack – Source Code Leaked on Popular Hacking Forum

The source code of Yandex, the largest IT company in Russia and commonly referred to as the Russian Google, was hacked by attackers. On a well-known hacker site, a Yandex source code repository purportedly stolen by a former employee of the Russian tec…

Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit

Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat actors are opting for this option since it offers a viable alternative to commercial tools such as:- Desig…

Over 6000 Internet-Exposed Cacti Servers are Unpatched for Critical Security Vulnerability

A significant number of servers that use the Cacti software, and are connected to the internet, have not been updated to fix a security vulnerability that is currently being actively exploited by attackers. According to Censys, a platform for managing …

Hackers Compromised CircleCI Employee’s Laptop to Breach the Company’s Systems

CircleCI, a DevOps platform, discovered that malware installed on a CircleCI engineer’s laptop was used by an unauthorized third party to steal a legitimate, 2FA-backed SSO session. On December 16, 2022, this device was compromised. The company’s…

Microsoft Exchange Vulnerabilities Most Exploited by Hackers Targeting Financial Sector

During the month of November, researchers at the cybersecurity firm LookingGlass examined the most significant vulnerabilities in the financial services industry in the United States. The company looked at assets with public internet-facing assets from…

Hackers Use Text-to-SQL Attacks to Break into Your Databases

Recently, a group of researchers successfully demonstrated a new type of attack that utilizes Text-to-SQL models in order to generate malicious code. The most astonishing thing about this malicious code is, it’s enough potential to obtain sensiti…

Dridex Malware Targeting macOS Platform Using New Entry Method

By using email attachments that resemble regular documents, a variant of Dridex (aka Bugat and Cridex), which is a banking malware is spreading to others through macOS. Prior to now, the malware had been targeting Windows, but now it has been switched …