Category Archives: Cybersecurity
Digital Weapons You Must Know About!
What is this Digital Weapon? This type of Malicious Software Weapon is called or for short Malware. This type of software is designed intentionally to hurt and infect your network and computers and their are many type in the wild. Types of Digital Weapon Threats There are many types of malware however the weapons mostly…
COVID-19 Vaccine Email Scams
Online scammers have found another avenue to lure their desperate victims. These scams are being sent through emails stating that you can purchase a vaccine for around $150 and the COVID-19 Vaccines can be delivered within a few days. Doing searches in dark web forums and on messaging app Telegram found seven different offers for…
Microsoft.com is being Spoofed to Phish Office 365 Users
As the title said, the microsoft.com domain is being spoofed to phish office 365 users. This is quite alarming for one, why is Microsoft allowing its domain to be spoofed is beyond me. They can easily fix this with proper SPF, DKIM, and DMARC records within their DNS. In a recent report posted online by…
Hackers Bypassing cPanel 2FA All Day Long
Researchers have discovered quite a big issue with cPanel which Hackers can exploit your 2FA authentication to obtain access to your cPanel Hosting service. What was found by Digtial Defense, Inc. “Digital Defense, Inc., a leader in vulnerability and threat management solutions, today announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting…
Phishing for Microsoft Teams Credentials
Phishing continues to be a pain in everyone’s rear end. This particular Phishing scam aims to rob you from your Microsoft Teams Credentials. Since Microsoft Teams has become a favorable communication tool throughout the world of course hackers are now aiming to phish you into giving them your login information. Abnormal Security said “Because Microsoft…
Cyber-Response Ethical Guidelines is a must read.
Now this was an interesting read from the website ethicsFIRST. They guide you through 12 ethical duties which are listed and explained. Of course some of it seems to be a little on the nose and why did you not ethically choose this path to begin with? Regardless these steps are great for people that…
Mobile Users Falling Victims To URL Spoofing
Yikes, aren’t there enough mobile vulnerabilities already? Now we have to tend to URL Spoofing and determining if the website is real or not? A Rapid7 researcher named Tod Beardsley, which disclosed the vulnerability, said this flaw, is an instance of CWE-451 from the Common Weakness Enumeration. It is cause for concern because these victims…
Hackers From Iran Are Spreading Dharma Ransomware Via RDP Ports
A group of hackers from Iran are targeting worldwide companies that use public-facing Remote Desktop Protocol (RDP) and infecting them with the Dharma Ransomeware. The attackers would lunch their campaign by first scaning ranges of IPs for hosts that contained these vulnerable RDP ports like 3389 which is the default RDP port, afterwards attempt weak…
CISA Alerts in Ongoing Ransomware Exploiting Vulnerabilities in RDP and VPNs
The DHS Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert regarding an on going Nefilim ransomware campaign, after the New Zealand Computer Emergency Response Team (CERT NZ) issuing an alert as well. Nefilim ransomware is the successor of Nemty ransomware and was first discovered in February 2020. The developers of the ransomware conduct…
Russian Sandworm Exploiting Exim Mail Servers
It has been found by the NSA that the Russian Spy Group called BlackEnergy is actively exploiting Exim mail servers with Sandworm. The Exim mail server flaw can be exploited using a email containing a modified “MAIL FROM” field in a Simple Mail Transfer Protocol (SMTP) message. The Russians have been exploiting unpatched Exim servers…