Zero-Day Exploit in Internet Shortcuts: What You Need to Know about CVE-2024-38112
The APT group known as Void Banshee has been conducting spear phishing campaigns at a near global level for several months. The group has been making use of a zero-day exploit found in the rendering engine for Internet Explorer, known as Trident. The final payload for the attack is the Atlantida Stealer malware. This malware […]
Critical SSH Vulnerability (CVE-2024-3094): A Sophisticated Supply Chain Attack
On March 29th, 2024, a shocking revelation by Microsoft software engineer Andres Freund exposed a years-long plot within the open-source community. A malicious actor had successfully planted a backdoor into SSH, earning this vulnerability a critical CVSS score of 10. The backdoor could allow attackers to bypass authentication and execute code remotely on infected systems. […]
Insure Your Security: Protect Against Cyber Risks
The Cost of Non-Compliance: How Cybersecurity Practices Impact Insurance In today’s hyper-connected digital world, the importance of cybersecurity cannot be overstated. With cyber threats evolving at an unprecedented pace, organisations across all industries and sectors are increasingly vulnerable to attacks that can disrupt operations, compromise sensitive data, and inflict significant financial losses. In response, many […]
WHAT is VOLT TYPHOON?
WHAT is VOLT TYPHOON? The more correct question is WHO is Volt Typhoon? Volt Typhoon is a state-supported Chinese cyber operation. As detailed in an advisory released 8 Feb 2024, the ACSC reported that Volt Typhoon has compromised thousands of internet-connected devices as part of a larger effort to infiltrate western critical infrastructure, including naval […]
