145,000 ICS Systems & Thousands of HMIs Exposed to Cyber Attacks: A Call for Urgent Action
Introduction: The Alarming State of ICS Security. Critical infrastructure is under siege. According to a recent report from Censys, over 145,000 internet-exposed Industrial Control System (ICS) devices are vulnerable, including thousands of unsecured Human-Machine Interfaces (HMIs). These are the gateways to essential services like energy, water, and transportation — systems society cannot function without. […]
New Android Malware: SpyAgent – Screenshots and Spying on Users
What is SpyAgent Android Malware? SpyAgent is a newly discovered Android malware designed to spy on users by taking screenshots and capturing sensitive data. This malicious software is part of a growing trend in cybercrime targeting mobile devices, where attackers aim to compromise users’ privacy and steal valuable information. Features and Capabilities of SpyAgent […]
Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach
Introduction to the Androxgh0st Botnet’s Expansion. CloudSEK’s Threat Research team recently published a report uncovering that the Androxgh0st botnet, active since January 2024, has started targeting web servers and exploiting vulnerabilities to infiltrate systems. The findings reveal that Androxgh0st is deploying payloads originally from the Mozi botnet, raising concerns about a potential operational alliance that […]
TSA Floats New Rules Mandating Cyber Incident Reporting for Pipelines and Railroads
Overview of Proposed Rules. The Transportation Security Administration (TSA) has proposed new, comprehensive rules aimed at improving cybersecurity across the United States’ critical transportation infrastructure. The rules, if enacted, will formalize and make permanent several temporary directives issued since the infamous ransomware attack on Colonial Pipeline in 2021. The primary goal of these rules […]
New Malware Alert: SharpRhino and Emerging Ransomware Threats in 2024
Quorum Cyber Uncovers SharpRhino Malware Linked to Hunters International. Quorum Cyber Incident Response recently identified a new malware strain named SharpRhino, linked to the Hunters International threat group, during a ransomware incident. This malware, written in C#, spreads through a typosquatting domain disguised as Angry IP Scanner, posing a serious security risk. Inside SharpRhino: A […]
AI Discovers Critical Zero-Day Vulnerability in SQLite Through Google’s Big Sleep Framework
Overview of the Zero-Day Vulnerability Discovery. November 4, 2024 – Google recently announced the discovery of a zero-day vulnerability in the popular SQLite open-source database, achieved through its AI-powered framework, Big Sleep, previously known as Project Naptime. This breakthrough marks a significant milestone, as Google claims it’s the first real-world vulnerability detected by an AI-driven […]
CrossBarking: New Attack Exploiting Opera’s Private API
Guardio researchers recently uncovered a new browser-based cyberattack, known as “CrossBarking,” that exploits private APIs within the Opera browser, revealing significant security vulnerabilities. Private APIs are typically designed to give web applications secure access to various browser functions—like storage, geolocation, or performance enhancement. Most APIs are publicly accessible and rigorously reviewed, but some browsers, like […]