X-Industry

Securonix Threat Research has discovered a sophisticated phishing campaign, “CRON#TRAP,” that leverages a unique approach to infiltrate systems and establish persistent backdoors. This creative attack method involves deploying emulated Linux environments within compromised endpoints, specifically Tiny Core Linux.

Multi-Stage Attack Process of CRON#TRAP - The CRON#TRAP campaign employs a multi-stage attack method to compromise target systems and establish persistent backdoors. The initial infecti

As part of a recently identified cyber operation, the cybersecurity investigators report that a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the 2023 NATO Summit taking place July 11-12.  The event takes place in Vilnius, Lithuania.  The NATO Summit has on the agenda talks focusing on the war in Ukraine and new memberships in the organization, including Sweden and Ukraine.

RomCom attackers are spoofing trusted software solutions t

Fortinet warns that a recently addressed FortiOS vulnerability has been exploited by a sophisticated threat actor in highly targeted attacks against governmental and government-related entities.  Patched last week, the bug is tracked as CVE-2022-41328 and is described as a medium-severity path traversal issue leading to command execution.  When it announced the availability of fixes, Fortinet failed to mention that this was actually a zero-day vulnerability.[1]  “An improper limitation of a path