Turkish National Charged for DDoS Attack on U.S. Company

Authorities in the United States charged a Turkish national with launching distributed denial-of-service (DDoS) attacks against a Chicago-based multinational hospitality company using a now-defunct malware botnet. Izzet Mert Ozek, 32, is accused of launching attacks against the Chicago multinational in August 2017 using WireX, a botnet built from Android malware. According to authorities, Ozek’s […]


Nobelium APT Group Uses Custom Backdoor to Target Windows Domains

Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware used by the Nobelium APT group to distribute further payloads and steal critical information from Active Directory Federation Services (AD FS) servers. FoggyWeb is a post-exploitation backdoor that the APT group uses to remotely exfiltrate the setup databases of affected Active […]


MSHTML Attack Targets Russian State Rocket Centre and Interior Ministry

An MSHTML vulnerability tracked as CVE-2021-40444 is being used to target Russian entities, according to Malwarebytes. Malwarebytes Intelligence has detected email attachments aimed specifically at Russian enterprises. The first template they discovered is structured to resemble an internal communication within JSC GREC Makeyev. The Joint Stock Company State Rocket Center named after Academician V.P. […]


Exchange/Outlook Autodiscover Bug Exposed $100K Email Passwords

Guardicore security researcher Amit Serper identified a critical vulnerability in Microsoft’s Autodiscover, the protocol that permits the automatic setup of an email account with only the address and password needed. The vulnerability allows attackers who buy domains containing the word “autodiscover,” such as autodiscover.com or autodiscover.co.uk, to capture the clear-text login details of […]
