
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual…
LUCR-3: Scattered Spider Getting SaaS-y in the CloudRead More

APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
Introduction In present day interconnected digital ecosystem, Application Programming Interfaces (APIs) perform a pivotal function in enabling seamless communication and knowledge exchange among a variety of application apps and systems. APIs act as bridges, facilitating the…
APIs: Unveiling the Silent Killer of Cyber Security Risk Across IndustriesRead More

Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
A fiscally inspired campaign has been focusing on on the net payment companies in the Asia Pacific, North The usa, and Latin The us with web skimmers for more than a year. The BlackBerry Study and…
Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment BusinessesRead More

OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
A significant-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation instrument that could consequence in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS rating: 7.8), the vulnerability is a…
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious CodeRead More

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground
Cybersecurity professionals have identified still a different malware-as-a-company (MaaS) risk called BunnyLoader which is currently being marketed for sale on the cybercrime underground. “BunnyLoader delivers several functionalities this kind of as downloading and executing a second-stage…
BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime UndergroundRead More

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users
An emerging Android banking trojan known as Zanubis is now masquerading as a Peruvian authorities application to trick unsuspecting end users into putting in the malware. “Zanubis’s primary an infection path is by way of impersonating…
Zanubis Android Banking Trojan Poses as Peruvian Government App to Target UsersRead More