Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s roundup, we will explore several pressing cybersecurity developments, from Medusa ransomware attacks that […]
read more
The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a “bring your own vulnerable driver” (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. […]
read more
A critical PHP vulnerability, CVE-2024-4577, affecting Windows-based PHP installations, has been actively exploited worldwide since its disclosure in June 2024. Initially believed to be primarily targeting Japan, recent telemetry from GreyNoise confirms that mass exploitation has extended to multiple countries, including the United States, United Kingdom, Singapore, Germany, and India. The vulnerability enables remote code […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we explore the latest cybersecurity threats and emerging attack techniques. From OBSCURE#BAT […]
read more
Hack-for-hire services are reshaping the cybercrime landscape, making cyberattacks more accessible to governments, corporations, and individuals. This emerging industry blurs the line between ethical cybersecurity work and outright criminal activities, with some groups selling hacking tools under the guise of security research. The rise of AI-driven hacking and economic desperation among unemployed tech workers has […]
read more
Threat actors are exploiting AWS misconfigurations to launch phishing campaigns using Amazon Simple Email Service (SES) and WorkMail. Identified as TGR-UNK-0011 (JavaGhost), this group initially focused on website defacement but pivoted to phishing for financial gain in 2022. Rather than exploiting AWS vulnerabilities, the attackers leverage exposed IAM access keys to infiltrate cloud environments, send […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we’ll explore a range of critical cybersecurity and tech developments, including the […]
read more
Job termination scams are a phishing tactic where cybercriminals exploit fear and urgency by falsely notifying victims of their dismissal. Unlike traditional job scams that lure victims with fake offers, these attacks impersonate HR departments or legal entities, claiming to include termination details or severance payments. Victims are tricked into clicking malicious links or downloading […]
read more
Ransomware gangs are adapting to stronger enterprise defenses by shifting their tactics. 75% of ransomware incidents in 2024 involved remote access Trojans (RATs), while 17.3% of attacks exploited remote monitoring and management tools like ConnectWise ScreenConnect and TeamViewer. To evade endpoint detection and response (EDR) protections, attackers increasingly steal and extort sensitive data instead of […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. This week’s cybersecurity round-up highlights a range of critical threats and developments. Researchers have uncovered a […]
read more
If you require our cybersecurity services please share your details below and we will be in touch!
