Foresiet

Bangalore, India
2021
  |  By Foresiet
On July 19, 2024, a botched CrowdStrike Falcon sensor update for Windows operating systems led to the largest IT outage in recent history. Although the issue stemmed from a technical malfunction, it inadvertently opened the door for real threat actors to exploit the situation. This incident has triggered a wave of malicious activities, particularly targeting CrowdStrike’s Latin American (LATAM) customers.
The SocGholish malware, also known as FakeUpdates, has resurfaced with new tactics that leverage the BOINC (Berkeley Open Infrastructure Network Computing Client) platform for nefarious purposes. This sophisticated JavaScript downloader malware is now delivering a remote access trojan, AsyncRAT, and utilizing BOINC in a covert cyberattack campaign. This blog will delve into the specifics of this exploit, the implications for cybersecurity, and measures to mitigate the risks.
In a recent development, cybersecurity researchers have identified a new Linux variant of the notorious Play ransomware, also known as Balloonfly and PlayCrypt. This variant specifically targets VMware ESXi environments, signaling a strategic expansion by the threat actors behind it. Trend Micro's report published on Friday highlights the potential for a broader victim pool and more effective ransom negotiations as a result of this evolution.
On Wednesday night, the Indian cryptocurrency platform WazirX experienced a significant cyberattack, resulting in the theft of at least $230 million worth of cryptocurrency. The breach was first detected by several blockchain security companies, including Elliptic, Arkham, and BlockSec. These firms observed large amounts of digital coins being siphoned out of WazirX before the platform acknowledged the security breach.
In today's digital landscape, stealer logs have become a significant threat, targeting sensitive information and compromising security. At the Foresiet Threat Intelligence Team, we continuously monitor and analyze these threats to help protect individuals and organizations. Here are the top 5 stealer logs currently affecting users.
In today's digital age, cyber theft has become a rampant issue, with malicious actors constantly devising new ways to exploit vulnerabilities and steal valuable assets. At Foresiet, our mission is to stay ahead of these threats by providing comprehensive threat intelligence and cybersecurity solutions. In our latest investigation, we have uncovered a cryptocurrency wallet potentially linked to a significant cyber heist.
In a concerning trend observed recently, threat actors are increasingly leveraging encoded URLs to bypass secure email gateways (SEGs), posing a significant challenge to email security defenses. According to recent findings by Cofense, there has been a notable uptick in attacks where threat actors manipulate SEGs to encode or rewrite malicious URLs embedded in emails. This tactic exploits vulnerabilities in SEG technologies, allowing malicious links to slip through undetected to unsuspecting recipients.
A significant data breach has compromised the personal information of 442,519 Life360 customers due to a vulnerability in the company's login API. The breach, discovered in March 2024, has exposed sensitive user details, including email addresses, names, and phone numbers. This incident underscores the critical importance of robust cybersecurity measures, particularly for services handling vast amounts of personal data. Exploiting an Unsecured API Endpoint.
The ViperSoftX info-stealing malware has evolved, now utilizing the common language runtime (CLR) to covertly execute PowerShell commands within AutoIt scripts. This sophisticated approach allows ViperSoftX to bypass traditional security measures and remain undetected, posing a significant threat to cybersecurity. Leveraging CLR and AutoIt for Stealth Operations: CLR, a core component of Microsoft’s .NET Framework, functions as the execution engine for .NET applications.
In a startling development, the Akira ransomware gang has demonstrated a dramatic reduction in the time it takes to exfiltrate data from compromised servers. According to the BlackBerry Threat Research and Intelligence Team, this cybercriminal group managed to steal data from a Veeam server in just over two hours during a June attack on a Latin American airline.
Imagine a system that can think exactly like the human brain: sense risk, forecast, react, protect, correlate past incidents and recover with self-immunity.

A one-click Digital Risk Protection platform to protect against external digital threats, and to detect and prevent the breach epidemic from the surface, deep and dark web.

Foresiet Digiview uses an AI-powered engine to identify and forecast risk based on 100+ unique vectors across on-prem and cloud deployments, and to assess your cyber security posture with industry benchmarking.

  • Digital Risk: Measure your third-party / supply chain digital risk and cyber hygiene.
  • Brand Monitoring and self-healing: Protect against impersonation, rogue websites, fake social pages, mobile applications, etc.
  • Anti-Phishing Shield: Protect employees from targeted phishing / impersonation attacks using an ML/AI engine.
  • Attack surface visibility: Discover and monitor external assets, including infrastructure and vulnerable assets.
  • Threat Intelligence: Stay updated with the latest threat advisories from the social, deep and dark web.
  • Compliance: An automated way to assess third-party / vendor compliance and maturity.

Foresiet DigiRisk is the first platform to cover all of your digital risks, allowing enterprises to focus on their core business.