Schedule a Demo

Cyber Security

Cyber Security
Cyber Security

Microsoft Defender Vulnerabilities Allow Attackers to Bypass Authentication and Upload Malicious Files

microsoft-defender-vulnerabilities-allow-attackers-to-bypass-authentication-and-upload-malicious-files

Critical flaws uncovered in the network communication between Microsoft Defender for Endpoint (DFE) and its cloud services, allowing post-breach attackers to bypass authentication, spoof data, disclose sensitive information, and even upload malicious files to investigation packages. These vulnerabilities, detailed in a recent analysis by InfoGuard Labs, highlight ongoing risks in endpoint detection and response (EDR) […]

New Chaosbot Leveraging CiscoVPN and Active Directory Passwords to Execute Network Commands

new-chaosbot-leveraging-ciscovpn-and-active-directory-passwords-to-execute-network-commands

ChaosBot surfaced in late September 2025 as a sophisticated Rust-based backdoor targeting enterprise networks. Initial investigations revealed that threat actors gained entry by exploiting compromised CiscoVPN credentials coupled with over-privileged Active Directory service accounts. Once inside, ChaosBot was stealthily deployed via side-loading techniques using the legitimate Microsoft Edge component identity_helper.exe from the C:UsersPublicLibraries directory. The […]

Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware

threat-actors-exploiting-sonicwall-ssl-vpn-devices-in-wild-to-deploy-akira-ransomware

Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira ransomware on enterprise networks. Beginning in July, multiple incidents of initial access via unpatched SonicWall devices were reported across North America and EMEA. Attackers exploited CVE-2024-40766, an access control flaw in SonicOS versions up to 7.0.1-5035, enabling […]

KFC Venezuela Alleged Data Breach 1 Million Customer Records Exposed

kfc-venezuela-alleged-data-breach-1-million-customer-records-exposed

A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on a dark web forum. The data, advertised on October 8, 2025, includes a vast amount of sensitive customer details, posing a significant risk of fraud and identity theft to those […]

APT Hackers Exploit ChatGPT to Create Sophisticated Malware and Phishing Emails

apt-hackers-exploit-chatgpt-to-create-sophisticated-malware-and-phishing-emails

A China-aligned advanced persistent threat (APT) group is actively leveraging OpenAI’s ChatGPT platform to develop malware and craft sophisticated spear-phishing emails for its global campaigns. Security firm Volexity tracks the actor as UTA0388 and has analyzed its operations since June 2025, concluding with high confidence that the group uses Large Language Models (LLMs) to automate […]

New Fully Undetectable FUD Android RAT Hosted on GitHub

new-fully-undetectable-fud-android-rat-hosted-on-github

A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can bypass modern security measures and antivirus detection systems. This malicious software represents a concerning evolution […]

TamperedChef Malware as PDF Editor Harvest Browser Credentials and Allows Backdoor Access

tamperedchef-malware-as-pdf-editor-harvest-browser-credentials-and-allows-backdoor-access

In recent weeks, security teams have observed a surge in malvertising campaigns distributing what appears to be a fully functional PDF editor. Dubbed TamperedChef, this malware masquerades as a legitimate application—AppSuite PDF Editor—leveraging convincing advertisements to lure European organizations and individuals into downloading the installer. Once executed, the installer exhibits expected functionalities for nearly two […]

Ransomware Gangs Leverage Remote Access Tools to Gain Persistence and Evade Defenses

ransomware-gangs-leverage-remote-access-tools-to-gain-persistence-and-evade-defenses

Ransomware operators have shifted from opportunistic malware distribution to highly targeted campaigns that exploit legitimate software for stealth and persistence. Emerging in early 2025, several ransomware families began abusing popular remote access tools—such as AnyDesk and Splashtop—to establish footholds within enterprise networks. By hijacking or silently installing these utilities, adversaries bypass security controls that traditionally […]

New Mic-E-Mouse Attack Let Hackers Exfiltrate Sensitive Data by Exploiting Mouse Sensors

new-mic-e-mouse-attack-let-hackers-exfiltrate-sensitive-data-by-exploiting-mouse-sensors

A novel and alarming cybersecurity threat has emerged, turning an ordinary computer peripheral into a sophisticated eavesdropping device. Researchers have detailed a new technique, dubbed the “Mic-E-Mouse” attack, which allows threat actors to exfiltrate sensitive data by exploiting the high-performance optical sensors found in many modern computer mice. This method can covertly capture and reconstruct […]

Researchers Reversed Asgard Malware Protector to Uncover its Antivirus Bypass Techniques

researchers-reversed-asgard-malware-protector-to-uncover-its-antivirus-bypass-techniques

In recent months, security researchers have turned their attention to Asgard Protector, a sophisticated crypter employed by cybercriminals to obfuscate and deploy malicious payloads. First advertised on underground forums in late 2023, Asgard Protector has gained traction among threat actors for its seamless integration with popular C2 platforms such as LummaC2. By wrapping infostealers and […]