Penetration Testing and Security Intelligence

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Penetration Testing

APRIL 10, 2024

Security experts at AhnLab Security Intelligence Center (ASEC) have sounded the alarm on a new wave of attacks targeting Redis servers.

Penetration Testing

Penetration Testing Security Intelligence Malware

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Penetration Testing

MARCH 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites.

Penetration Testing

Penetration Testing Software Malware Security Intelligence

Exploited in the Wild: The Alarming Hitron DVR Vulnerabilities

Penetration Testing

JANUARY 30, 2024

In a concerning development in the realm of cybersecurity, the Akamai Security Intelligence Response Team (SIRT) has uncovered a series of critical vulnerabilities in various Hitron DVR models.

Penetration Testing

Penetration Testing Security Intelligence Cybersecurity

LockBit Ransomware: The Hidden Threat in Resume Word Files

Penetration Testing

JANUARY 18, 2024

The AhnLab Security Intelligence Center has uncovered that the LockBit ransomware is being spread through malicious Word files disguised as resumes.

Penetration Testing

Penetration Testing Ransomware Security Intelligence Malware

TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers

Penetration Testing

MAY 1, 2024

The AhnLab Security Intelligence Center (ASEC)... The post TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Ransomware Security Intelligence Malware

Hackers Weaponize Popular Software Framework for Stealthy Data Theft

Penetration Testing

APRIL 23, 2024

In a disturbing new development, cybersecurity experts at AhnLab Security Intelligence Center (ASEC) have revealed a growing trend of infostealer malware abusing the Electron framework.

Software

Software Penetration Testing Security Intelligence Malware

Attackers Exploit Construction Site Trust, Deliver TrollAgent Malware

Penetration Testing

FEBRUARY 22, 2024

Security experts at the AhnLab Security Intelligence Center (ASEC) have recently uncovered a malware distribution campaign targeting a Korean construction-related association website.

Malware

Malware Penetration Testing Security Intelligence Software

Crafty Infostealer Campaign Leverages Fake Adobe Reader Installer, Advanced Tricks to Evade Detection

Penetration Testing

MARCH 11, 2024

Security experts from AhnLab SEcurity intelligence Center (ASEC) have uncovered a sophisticated malware campaign where attackers are tricking users into downloading a dangerous infostealer disguised as a legitimate Adobe Reader installation file.

Penetration Testing

Penetration Testing Security Intelligence Malware

WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads

Penetration Testing

MARCH 4, 2024

Discovered by the AhnLab Security Intelligence Center (ASEC), WogRAT stands out due to its ability to target both... The post WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Malware Security Intelligence

New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks

Penetration Testing

JANUARY 29, 2024

AhnLab Security Intelligence Center (ASEC) has recently uncovered a concerning development in ransomware attacks. This discovery sheds light... The post New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks appeared first on Penetration Testing.

Ransomware

Ransomware Penetration Testing Security Intelligence Malware

Backdoor Breaches: The Rise of Stealthy Linux System Attacks

Penetration Testing

FEBRUARY 2, 2024

Recently, a detailed report from AhnLab Security Intelligence Center has shed light on the sophisticated strategies employed... The post Backdoor Breaches: The Rise of Stealthy Linux System Attacks appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Security Intelligence Internet Internet

Sophisticated SmokeLoader Campaign Targets Ukrainian Sectors

Penetration Testing

JANUARY 21, 2024

In a recent investigation, researchers at AhnLab Security Intelligence Center (ASEC) have unearthed a sophisticated cyber-espionage campaign targeting various sectors within Ukraine, including the government, public institutions, and key industries.

Penetration Testing

Penetration Testing Security Intelligence Government Malware

ViperSoftX Leverages Deep Learning with Tesseract to Exfiltrate Sensitive Information

Penetration Testing

MAY 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new tactic employed by the notorious ViperSoftX malware.

Penetration Testing

Penetration Testing Security Intelligence Engineering Malware

Revenge RAT: Unveiling a Tool-Abusing, Fileless Attack

Penetration Testing

FEBRUARY 14, 2024

AhnLab Security Intelligence Center (ASEC) recently sounded the alarm over a cunning Revenge RAT malware campaign.

Penetration Testing

Penetration Testing Security Intelligence Malware

China-based cyberespionage actor seen targeting South America

CSO Magazine

FEBRUARY 15, 2023

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team. To read this article in full, please click here

Penetration Testing

Penetration Testing Security Intelligence

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

To mitigate these risks, water utilities should: Prioritize cybersecurity: Implement robust cybersecurity practices, including regular vulnerability assessments, penetration testing, and employee training. Invest in security technology: Utilize advanced security technologies to protect critical infrastructure and data.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Penetration Testing

SEPTEMBER 6, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new phishing campaign targeting Netflix users, where cybercriminals are impersonating the popular streaming service to steal sensitive information.

Scams

Scams Phishing Security Intelligence Cybersecurity

Cybercriminals Exploit Legitimate Windows Tool for Cryptojacking

Penetration Testing

SEPTEMBER 10, 2024

The AhnLab Security Intelligence Center (ASEC) has uncovered a concerning trend in cybercrime involving the misuse of Binary Managed Object Files (BMOFs) for the distribution of XMRig, a notorious cryptocurrency... The post Cybercriminals Exploit Legitimate Windows Tool for Cryptojacking appeared first on Cybersecurity News.

Cryptocurrency

Cryptocurrency Cybercrime Security Intelligence Cybersecurity

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

Penetration Testing

AUGUST 28, 2024

Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras.

Security Intelligence

Security Intelligence Cybersecurity Malware

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. In 2018, security intelligence firm HYAS discovered a malware network communicating with systems inside of a French national power company. ”

DNS

DNS Penetration Testing Malware Hacking

Hackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577)

Penetration Testing

JULY 12, 2024

The Akamai Security Intelligence Response Team (SIRT) has observed a... The post Hackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577) appeared first on Cybersecurity News.

Security Intelligence

Security Intelligence Cybersecurity Malware

New MS-SQL Server Attack Campaign Leverages GotoHTTP for Remote Access

Penetration Testing

OCTOBER 5, 2024

Experts from the AhnLab Security Intelligence Center (ASEC) have uncovered new attacks on MS-SQL servers, targeting unsecured accounts and weak passwords.

Security Intelligence

Security Intelligence Passwords Accountability Cybersecurity

InnoLoader Malware Evades Detection Posing as Cracked Software

Penetration Testing

JUNE 29, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new breed of malware that disguises itself as cracked software and legitimate tools. This malware, dubbed “InnoLoader,” is far from ordinary.

Software

Software Malware Security Intelligence Cybersecurity

Kimsuky Group’s New Backdoor, HappyDoor, Raises Cybersecurity Concerns

Penetration Testing

JULY 7, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new backdoor malware called HappyDoor, linked to the Kimsuky group, a North Korean state-sponsored threat actor.

Cybersecurity

Cybersecurity Security Intelligence Malware

Cybercriminal on Cybercriminal Crime: Ransomware Hijacks CoinMiner

Penetration Testing

JUNE 5, 2024

In an unexpected twist of cybercrime, security researchers at AhnLab Security Intelligence Center (ASEC) have revealed a bizarre case of one criminal gang inadvertently aiding another.

Ransomware

Ransomware Cybercrime Security Intelligence Malware

Cybercriminals Exploit Ebooks to Spread AsyncRAT Malware

Penetration Testing

JULY 11, 2024

A recent report from AhnLab Security Intelligence Center (ASEC) reveals new cyberattacks utilizing a novel method to distribute the AsyncRAT remote access trojan (RAT).

Malware

Malware Security Intelligence Cybersecurity

Urgent Security Alert: HFS Servers Under Attack, Patch Now!

Penetration Testing

JULY 3, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a critical warning for all users of HTTP File Server (HFS): a recently disclosed remote code execution vulnerability (CVE-2024-23692) is actively being exploited by malicious actors.... appeared first on Cybersecurity News.

Security Intelligence

Security Intelligence Cybersecurity Malware

DBatLoader: A Malware Distribution via CMD Files

Penetration Testing

JUNE 27, 2024

AhnLab Security Intelligence Center (ASEC) has issued a warning regarding the re-emergence of the DBatLoader malware, a notorious downloader known for its historical involvement in phishing campaigns.

Malware

Malware Security Intelligence Phishing Cybersecurity

Beware of “How to Fix” Button: New Phishing Emails Trick Users into Executing Malicious Commands

Penetration Testing

JUNE 5, 2024

AhnLab SEcurity Intelligence Center (ASEC) has recently identified a phishing campaign leveraging HTML files distributed via email to execute malicious commands on targeted systems.

Phishing

Phishing Security Intelligence Cybersecurity Malware

Cloud-based security: SECaaS

eSecurity Planet

DECEMBER 30, 2020

To ease these burdens, SECaaS and SOCaaS vendors have emerged as cloud-based security as a service that can collect, analyze, and correlate your information from diverse systems and applications — turning former headaches into actionable information security intelligence. Security as a Service (SECaaS) .

Penetration Testing

Penetration Testing Cybersecurity Antivirus Network Security

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

Read our latest blog w/ assist from @GossiTheDog & @MalwareTechBlog [link] — Microsoft Security Intelligence (@MsftSecIntel) November 7, 2019. ” Microsoft confirmed that attackers are leveraging an exploit module released for the Metasploit penetration testing platform.

Malware

Malware Penetration Testing Advertising Spyware

5 Stages of the Vulnerability Management Lifecycle

eSecurity Planet

JUNE 15, 2023

This could include vulnerability scanners , configuration assessment tools, or security intelligence platforms. You may need to conduct penetration tests and other assessments to ensure that your systems are secure from threats. Improvement Vulnerability management is a cycle.

Cyber threats

Cyber threats Risk Technology Penetration Testing

Best Managed Security Service Providers (MSSPs)

eSecurity Planet

JANUARY 27, 2022

AT&T’s 2018 acquisition of AlienVault significantly expanded its cybersecurity offerings, which now includes managed vulnerability services, strategy and roadmap planning, risk-based cyber posture assessments, penetration testing services, secure remote access, secure web gateway (SGW), network-based firewall, distributed denial of service (..)

Firewall

Firewall Threat Detection DDOS Marketing

Six Effective Ransomware Risk Reduction Strategies

NopSec

SEPTEMBER 12, 2016

Reducing the Risk of a Ransomware Attack – The Human Element According to the IBM Security Services 2014 Cyber Security Intelligence Index, human error is responsible for almost 95% of all security incidents. Ransomware is no different. Rather, the goal is to identify where processes can be improved.

Ransomware

Ransomware Risk Social Engineering Penetration Testing

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Beyond Identity Identity management 2020 Private Expel Managed security service 2016 Private Tigera Zero trust for K8s 2016 Private Intrinsic Application security 2016 Acquired: VMware HackerOne Penetration testing 2015 Private Virtru Data encryption 2014 Private Cloudflare Cloud infrastructure 2010 NYSE: NET.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

NopSec Cloud Security Module

NopSec

JULY 13, 2016

Particularly in the AWS – Amazon Web Services – environment, in order to assess vulnerabilities in the public cloud each vulnerability scan and/or penetration test needs to be cleared with AWS by filling an authorization form in advance. This creates a convoluted administrative process to authorize the scan in advance.

Penetration Testing

Penetration Testing Risk Malware Software

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

The Global State of Information Security Survey 2017 suggests that companies should look into deploying threat detection tools and processes (including monitoring and analyzing security intelligence information), conducting vulnerability and threat assessments, penetration tests and security information, and event management (SIEM) tools.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cyber Security Informer

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Trending Sources

Exploited in the Wild: The Alarming Hitron DVR Vulnerabilities

LockBit Ransomware: The Hidden Threat in Resume Word Files

TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers

Hackers Weaponize Popular Software Framework for Stealthy Data Theft

Attackers Exploit Construction Site Trust, Deliver TrollAgent Malware

Crafty Infostealer Campaign Leverages Fake Adobe Reader Installer, Advanced Tricks to Evade Detection

WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads

New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks

Backdoor Breaches: The Rise of Stealthy Linux System Attacks

Sophisticated SmokeLoader Campaign Targets Ukrainian Sectors

ViperSoftX Leverages Deep Learning with Tesseract to Exfiltrate Sensitive Information

Revenge RAT: Unveiling a Tool-Abusing, Fileless Attack

China-based cyberespionage actor seen targeting South America

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Cybercriminals Exploit Legitimate Windows Tool for Cryptojacking

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

French Firms Rocked by Kasbah Hacker?

Hackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577)

New MS-SQL Server Attack Campaign Leverages GotoHTTP for Remote Access

InnoLoader Malware Evades Detection Posing as Cracked Software

Kimsuky Group’s New Backdoor, HappyDoor, Raises Cybersecurity Concerns

Cybercriminal on Cybercriminal Crime: Ransomware Hijacks CoinMiner

Cybercriminals Exploit Ebooks to Spread AsyncRAT Malware

Urgent Security Alert: HFS Servers Under Attack, Patch Now!

DBatLoader: A Malware Distribution via CMD Files

Beware of “How to Fix” Button: New Phishing Emails Trick Users into Executing Malicious Commands

Cloud-based security: SECaaS

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

5 Stages of the Vulnerability Management Lifecycle

Best Managed Security Service Providers (MSSPs)

Six Effective Ransomware Risk Reduction Strategies

Top VC Firms in Cybersecurity of 2022

NopSec Cloud Security Module

Cyber Security Awareness and Risk Management

Stay Connected