A New Ransomware Attack Posed as Windows Activator Emerging in Wild With Hidden Functions

Haythem Elmir

A new ransomware distributed by attackers posing as a Windows Activator appearing to be distributed through external network drives. The ransomware found to be active from August 7th and spreading since then. Researchers from 360totalsecurity spotted the ransomware contains hidden configuration function and the information used for encryption. Once the ransomware execution […]

Iran-linked COBALT DICKENS group targets universities in new phishing campaign

Haythem Elmir

Experts from SecureWorks discovered a large phishing campaign targeting universities carried out by an Iran-linked threat actor COBALT DICKENS. Security firm SecureWorks has uncovered a new phishing campaign carried out by COBALT DICKENS APT targeting universities worldwide, it involved sixteen domains hosting more than 300 spoofed websites for 76 universities in 14 countries, […]

Experts warn of possible attacks after PoC code for CVE-2018-11776 Struts flaw was published

Haythem Elmir

The Exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2 was published on GitHub, experts fear massive attacks. The CVE-2018-11776 vulnerability affects Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and potentially unsupported versions of the popular Java framework. “Possible Remote Code Execution when using results with […]