News

As search engines became the first point of contact for internet, threat actors are leveraging it for their advantage to spread malware using SEO Poisoning. Loopholes and vulnerabilities in SEO algorithms are used to improve ranking of fake or compromised websites to deceive search engines and unsuspecting users. Malvertising are also used to trick users… Read more: From Search Results to Malware Lures: SEO Poisoning

Qakbot malware also known as Qbot has remained a persistent and formidable adversary since mid-2000s, it emerged as a banking Trojan. Qakbot has evolved and adapted itself against cyber defences to remain in the list of top malwares over a decade.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an important advisory. It focuses on LockBit 3.0 ransomware. This ransomware exploits the CVE-2023-4966 vulnerability, also known as Citrix Bleed​​. LockBit 3.0 targets various critical sectors. It uses Citrix Bleed to bypass multifactor authentication (MFA). This vulnerability is in Citrix NetScaler ADC and Gateway appliances. Citrix Bleed… Read more: LockBit 3.0 and Citrix Bleed Vulnerability (CVE-2023-4966)

The November 2023 Microsoft Patch Tuesday addressed several critical vulnerabilities, it addressed 75 vulnerabilities, with a focus on various critical areas. Three were rated critical, with one being an elevation of privilege in the Windows Common Log File System Driver, allowing attackers to elevate their system privileges. Another critical issue was a remote code execution… Read more: Microsoft’s November 2023 Patch:Confronts Five Zero-Day Threats

The cybersecurity landscape from the week of November 5 to November 11, 2023, was marked by several significant events: Boeing Data Breach by Lockbit: Boeing, a major defense and space contractor, experienced a data breach. Internal data from the company was published online by the cybercrime gang Lockbit. This incident highlights the ongoing threat posed… Read more: Cybersecurity News: Nov 5-Nov 11