Learn about the latest cyber attacks and vulnerabilities
in our monthly Campaigns.
ChromeLoader, aka, ChoziosiLoader, is part of the browser hijacker malware family and targets both Windows and macOS.
First discovered in February, it is well-known in the cybersecurity community for its high infection rates. It has since seen significant changes and continues to constantly evolve.
ChromeLoader is different from other adware because it has a multi-staged attack flow, combining human engineering, multiple payloads, and various obfuscation techniques. It can also leak data, uninstall Chrome extensions, and disallow access to the chrome extension management page.
While ChromeLoader has not yet been used in a dangerous context, if it falls into the wrong hands, the damage it can cause is significant.
Check out this short preview of our ChromeLoader lab to see what you can learn about this highly infectious malware.
CVE-2024-38063 is a critical Remote Code Execution (RCE) vulnerability affecting the Windows TCP/IP stack systems with IPv6 enabled. This flaw allows remote code execution without […]
Master regreSSHion: Protect Your Systems from Critical Exploits RegreSSHion (CVE-2024-6387) is a severe vulnerability that grants unauthenticated attackers root privileges on vulnerable machines. This is […]
Argo CD, a popular open-source tool for managing Kubernetes applications through GitOps, has a critical security flaw. A recently discovered vulnerability, CVE-2024-31989, exposes Argo CD’s […]
Kerberos is a commonly used authentication protocol that leverages a robust ticket system to identify users. However, the system isn’t without vulnerabilities that attackers can […]
In January 2024, a critical zero-day exploit sent shockwaves through the cybersecurity landscape. Attackers targeted Ivanti products, exploiting a combination of vulnerabilities that had been […]
Quasar is a remote administration tool that allows administrators to connect to and manage remote computers. Over the years, threat actors have modified Quasar to […]
Scattered Spider is a newly discovered threat actor that targets large players in the business enterprise sector. In September of 2023, the group launched a […]
The Lazarus Group, a well-known cybercrime group from North Korea, has carried out sophisticated and large-scale attacks over the years. Its high-profile attacks have gained […]
Our latest Campaign of the Month, “APT40”, offers a deep dive into this sophisticated and malicious cyber espionage group, covering key topics and areas related […]
The Horabot botnet is a sophisticated threat that has been active for over two years, primarily focusing on targets in the Americas. It uses a […]
Over the last weeks, hundreds of organizations including 2 DOE Agencies, were impacted by ransomware attacks, as a result of the the MOVEit Transfer Vulnerability, […]
APT35 (also known as Charming Kitten, Phosphorus, Newscaster, and more) is an Iranian state-sponsored cyber-espionage group that primarily targets governmental organizations, defense contractors, research institutions, […]
In March 2023, Microsoft published a critical update notifying users of a vulnerability affecting Microsoft Outlook. This vulnerability (CVE-2023-23397) is exploitable by attackers on Windows-based […]
Only recently discovered, “Beep” malware is already making headlines in the world of cybersecurity. Designed to fly under the radar of security software with a […]
Agent Tesla, a leading malware threat to organizations, has the ability to steal sensitive information and is continuing to evolve and spread. It is offered […]
AWS Lambda, one of AWS’ 200 outstanding services, is an event-driven, serverless computing platform that allows you to run code for applications and backend services […]
Multifactor Authentication (MFA) is a popular and crucial security concept used by organizations worldwide. However, it is not invulnerable. A good example of threats to […]
In early August 2022, the Vietnam-based Cybersecurity company GTSC, discovered a zero-day vulnerability in the Microsoft Exchange platform, which received the name “ProxyNotShell”. The Zero […]
Metasploit is one of the most widely used exploit frameworks globally; threat actors, penetration testers and red teams alike use it, as it is completely […]
In the never-ending war between cyber criminals and defense teams across the globe, adversaries continue to develop innovative methods to penetrate organizations. One of the […]
“Tropical Scorpius”, a group of threat actors associated with the Cuba Ransomware (aka COLDDRAW), was recently observed deploying the malware with previously undocumented tactics, techniques, […]
Over the past few months, reports about Magniber ransomware infections have been increasing worldwide. Social engineering methods for delivering Magniber have become increasingly sophisticated over […]
On May 19th, 2022, a malware sample uploaded to VirusTotal containing malicious payload, Brute Ratel C4, went undetected by all 56 antiviruses that evaluated it. […]
BluStealer, first detected in May 2021 by Twitter user James_inthe_box, is an information-stealing malware with the ability to steal cyrpto wallet data, swap crypto addresses […]
Conti is a ransomware-as-a-service program and is one of the most prolific ransomwares of the past year. In what is believed to have been an […]
Out of over 200 teams, BCC Grupo Cajamar’s cyber defense team, “Blue’s Boys”, was one of only 13 teams to make it to the finals. […]
And the next stop is – root privileges! Microsoft has recently discovered several vulnerabilities, collectively referred to as Nimbuspwn. This lethal combination could allow an […]
Microsoft’s recently discovered vulnerabilities, collectively referred to as ‘Nimbuspwn’, could allow attackers to elevate privileges to root level privileges (the highest level privileges e.g., administrator) […]