Government and Military Organizations Persistently Targeted by Dark Pink Hackers

The Dark Pink APT hacking group remains highly active, targeting government, military, and education organizations in Indonesia, Brunei, and Vietnam. Their recent attacks show a revamped chain, new persistence mechanisms, and updated data exfiltration tools. Dark Pink splits functionality across implants and loads them from memory to evade detection. They utilize spear-phishing emails, DLL side-loading, and private GitHub […]

Ongoing attacks capitalize on critical vulnerability in Zyxel firewalls

Widespread exploitation of a critical command injection vulnerability (CVE-2023-28771) in Zyxel networking devices has been observed, with hackers using it to install malware. The flaw exists in the default configuration of affected firewall and VPN devices, allowing unauthenticated remote code execution through a specially crafted IKEv2 packet to UDP port 500. Zyxel has released patches […]

Disguised as a Windows driver, the Terminator antivirus killer poses a security risk

A threat actor known as Spyboy is promoting a tool called “Terminator” on a Russian hacking forum, claiming it can bypass and terminate various antivirus and security solutions on Windows systems. However, cybersecurity firm CrowdStrike believes it’s a sophisticated Bring Your Own Vulnerable Driver (BYOVD) attack. Terminator is sold for prices ranging from $300 to […]

PowerShell USB Malware Employed by Russian Hackers for Backdoor Deployment

The Russian state-sponsored hacking group known as Gamaredon (also referred to as Armageddon or Shuckworm) has intensified its targeting of critical organizations in Ukraine’s military and security intelligence sectors, employing an updated toolkit and new infection techniques. Previously associated with the FSB, the Russian hackers had been observed using information-stealing malware against […]

Google Enhances Multi-Cloud Networking with Cross-Cloud Interconnect

Google is unveiling new updates to enhance multi-cloud networking with Cross-Cloud Interconnect and Private Service Connect improvements. With Cross-Cloud Interconnect, organizations can establish secure connections between Google Cloud and other public cloud platforms like AWS, Microsoft Azure, and Oracle Cloud Infrastructure. This enables running applications on multiple clouds, hosting SaaS in a multi-cloud environment, and […]