Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). “In some systems, initial access was gained through
Monthly Archives: April 2025
Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. […]
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to compromise payment card data, fraud prevention firm Cleafy said in an analysis. There is evidence […]
Originally published by Vali Cyber. Written by Nathan Montierth. Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active exploitation. These flaws allow attackers with virtual machine (VM) admin access to escape the guest OS, execute code on the hypervisor, and potentially take control of ESXi hosts—threatening entire multi-tenant cloud and […]
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google’s systems, passing all verifications but pointing to a fraudulent page that collected logins. […]
ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks. […]
21
Apr
Apr
Today, we’re opening applications for this year’s Google for Startups AI Academy: American Infrastructure cohort.Designed for Seed to Series A startups using AI in criti…
Originally published by Tenable. Written by Shai Morag. Multi-cloud and hybrid environments, on the rise in recent years, have increased the complexity of security. Amid this complexity, risks have increased. But those risks don’t just come from threat actors. In fact, choosing cloud security providers with conflicting priorities can also introduce risk. World-class cloud […]
A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests. […]
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, we’ll focus on the device threat […]