Hackers are abusing the infrastructure of Russian bulletproof hosting provider Proton66 to launch global cyberattacks, including mass scanning, credential brute-forcing, and exploitation attempts. Trustwave SpiderLabs identified this surge in activity beginning in January 2025, noting that previously inactive IP addresses were involved in malicious activity. Ties between Proton66 and other bulletproof networks such as PROSPERO, […]
read more
Ransomware attacks are on the rise, with threat actors like Clop, FunkSec, and Medusa leading a surge in cyber extortion campaigns. February 2025 saw a dramatic spike in victim disclosures, with Clop alone accounting for 35% of all names listed on data-leak sites. This resurgence follows the disruption of several ransomware gangs in late 2024, […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s cybersecurity roundup, we cover a series of critical developments impacting cloud infrastructure, enterprise […]
read more
A critical vulnerability tracked as CVE-2025-22457 is actively being exploited by China-linked threat actors, putting over 5,000 Ivanti Connect Secure VPN instances at risk. The stack-based buffer overflow flaw, initially underestimated, enables remote code execution and has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its known exploited vulnerabilities catalog. […]
read more
Ransomware attacks have become a significant threat to businesses, capable of incapacitating operations within hours. According to Verizon’s 2024 Data Breach Investigations Report, one-third of all data breaches involve ransomware or similar extortion techniques, affecting 92% of industries. Notably, the 2021 Kaseya incident demonstrated how supply chain vulnerabilities can amplify ransomware’s impact across numerous organizations. […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s roundup, we will explore several pressing cybersecurity developments, from Medusa ransomware attacks that […]
read more
The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a “bring your own vulnerable driver” (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. […]
read more
A critical PHP vulnerability, CVE-2024-4577, affecting Windows-based PHP installations, has been actively exploited worldwide since its disclosure in June 2024. Initially believed to be primarily targeting Japan, recent telemetry from GreyNoise confirms that mass exploitation has extended to multiple countries, including the United States, United Kingdom, Singapore, Germany, and India. The vulnerability enables remote code […]
read more
Welcome to Canary Trap’s “Bi-Weekly Cyber Roundup”. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we explore the latest cybersecurity threats and emerging attack techniques. From OBSCURE#BAT […]
read more
Hack-for-hire services are reshaping the cybercrime landscape, making cyberattacks more accessible to governments, corporations, and individuals. This emerging industry blurs the line between ethical cybersecurity work and outright criminal activities, with some groups selling hacking tools under the guise of security research. The rise of AI-driven hacking and economic desperation among unemployed tech workers has […]
read more
If you require our cybersecurity services please share your details below and we will be in touch!
