Website Preloader

The ProcessBolt Platform

agsdix-c370-one-solution

ProcessBolt AI

AI-assisted vendor risk management, and real-time threat monitoring platform. 

agsdix-c370-key-insights

ThreatScape

Attack surface management and security rating solution.

agsdix-c370-manual-reviews

DocAI

Document intelligence and analytics.

agsdix-c370-collaboration

Share Center

Secure and timebound document sharing for the enterprise.

agsdix-c370-integration

Assessment & RFP Response Solution

Answer questionnaires using Knowledge Base and documents with AI assistance.

Cybersecurity News

Understanding the SIG Questionnaire and The Importance of Vendor Risk Management

In today's interconnected business ecosystem, organizations increasingly rely on third-party vendors for essential services, from cloud computing and data processing to customer service and supply chain management. The proliferation of these vendor relationships has...


Astaroth Google Cloud Latin America Mekotio Banking Trojans Cisco Talos
- reports that several countries across Latin America have been subjected to high-volume attacks deploying the Astaroth, Ousaban, and Mekotio banking trojans that involved the exploitation of the Google Cloud Run service since September. Intrusions commenced with the distribution of phishing emails using financial and tax documents, as well as local government communications, as lures, which contain links to Google Cloud Run, a report from Cisco Talos showed. Attackers then use MSI files to ... [Read More]


Campaign Malware Rhadamanthys Stealer Stealer Oil Gas
- By Dylan Duncan Cofense Intelligence is tracking an advanced campaign that is successfully reaching intended targets in the Oil and Gas industry . The campaign delivers an uncommon, but advanced, Malware-as-a-Service information stealer, the Rhadamanthys Stealer . This new and advanced phishing campaign employs a recently updated Malware-as-a-Service (MaaS) within days of law enforcement's takedown of LockBit ransomware group , one of the most active Ransomware-as-a-Service (RaaS). Based on a ... [Read More]


Inet Wireless Daemon Devices Versions Supplicant Wpa Networks
- Android , ChromeOS, and Linux devices are being impacted by a pair of authentication bypass vulnerabilities within open-source Wi-Fi management software wpa_supplicant and the iNet Wireless Daemon of Intel, which could be leveraged to facilitate connections to spoofed versions of legitimate networks or trusted networks without a password, The Hacker News reports. Researchers from Top10VPN discovered that wpa_supplicant versions 2.10 and earlier are impacted by the more severe flaw, tracked as ... [Read More]


Redis Commands System Attackers Migo Instance
- Attackers behind the Migo malware target exposed Redis servers and change key configuration settings to install the cryptominer and gain persistence. Cloud attackers are stepping up their game in a new cryptojacking campaign that targets exposed Redis deployments, researchers warn. Compared to previous attacks against the in-memory data store, the perpetrators make use of certain system weakening commands before installing their cryptocurrency mining malware. Researchers from Cado Security have ... [Read More]


Dll Sideloading Packages Pypi Code Actors Chapvision
- Security researchers have identified a concerning uptick in malicious activities infiltrating open-source platforms and code repositories.  This trend encompasses a wide array of malicious activities, including hosting command-and-control (C2) infrastructure, storing stolen data and disseminating various forms of malware.  In a recent discovery, ReversingLabs reverse engineer Karlo Zanki uncovered two suspicious packages on the Python Package Index (PyPI), named NP6HelperHttptest and ... [Read More]


Threat Moqhao Malware Android Users Cybersecurity
- Cybersecurity threat experts have recently discovered a new variant of the malware named XLoader, commonly known as MoqHao, that has the ability to automatically infect devices without any user interaction. Being termed the MoqHao evolution , this is a new version of the infamous android malware that has been long linked with Roaming Mantis, a financially motivated group of hackers based in China. In this article, we will explore the background of MoqHao Evolution in detail and see how it ... [Read More]


Migo Cado Security Rootkit Malware Redis Campaign
- Security researchers have uncovered a sophisticated malware campaign targeting Redis, a popular data store system. This campaign, dubbed "Migo," employs novel tactics to compromise Redis servers, with the ultimate goal of mining cryptocurrency on Linux hosts. In particular, Cado Security Labs researchers observed that Migo utilizes new Redis system weakening commands to exploit the data store for cryptojacking purposes. Unlike previous attacks targeting Redis, this campaign introduces unique ... [Read More]


Ransomware Ransom Payments Hackers Data Victims
- For many organizations and startups, 2023 was a rough year financially, with companies struggling to raise money and others making cuts to survive. Ransomware and extortion gangs , on the other hand, had a record-breaking year in earnings, if recent reports are anything to go by. It's hardly surprising when you look at the state of the ransomware landscape. Last year saw hackers continue to evolve their tactics to become scrappier and more extreme in efforts to pressure victims into paying ... [Read More]


Qbot Malware December Sophos X Ops Cisco Talos Campaign
- New variants of the QBot malware, also known as Qakbot, have emerged since mid-December despite having been disrupted in August, suggesting continuous testing by the malware developer, reports. Sophos X-Ops researchers discovered that QBot samples deployed in December and January were distributed via a Microsoft Software Installer executable. Improved obfuscation techniques have also been integrated into the new iterations of the malware, which have been using sophisticated AES-256 encryption ... [Read More]


Routers Botnet Moobot Apt28 Credentials Intelligence
- GRU Hackers Commandeered 'Moobot' for Cyberespionage The U.S. federal government says it disrupted a criminal botnet that Russian military intelligence had converted into a platform for global cyberespionage. Law enforcement obtained a warrant to modify hundreds of routers made by Ubiquity that had been infected with "Moobot" malware - one of many variations of the Mirai wormable botnet found in the wild after an anonymous coder leaked source code online in 2017. The malware targets Linux-based ... [Read More]


You May Also Like…

GDPR and Vendor Risk Management

GDPR and Vendor Risk Management

Navigating GDPR Compliance and Vendor Risk Management In today's digital age, our personal data is being collected, stored, and processed at an unprecedented rate. This has raised a myriad of...

read more