• Kangundo Road, Nairobi, Kenya
  • support@exoticdigitalaccess.co.ke
  • Opening Time : 07 AM - 10 PM
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities […]

Read More
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Jan 12, 2024NewsroomVulnerability / Threat Intelligence As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. “These families allow the threat actors to circumvent authentication and provide backdoor access to these devices,” […]

Read More
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Jan 03, 2024NewsroomMalware / Data Theft Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access […]

Read More
British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

Dec 24, 2023NewsroomCyber Crime / Data Breach Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent […]

Read More
Experts Reveal New Details on Zero-Click Outlook RCE Exploits

Experts Reveal New Details on Zero-Click Outlook RCE Exploits

Dec 18, 2023NewsroomEmail Security / Vulnerability Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. “An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote […]

Read More
BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

Dec 13, 2023NewsroomCyber Threat / Phishing Attack The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an “attempt to elevate the perceived authenticity of the initial malicious emails,” cybersecurity firm Abnormal Security said in a report published […]

Read More
Russia's AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

Russia’s AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

Dec 05, 2023NewsroomBrandjacking / Artificial Intelligence The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S. military competence, and Germany’s economic and social […]

Read More
Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails

Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails

Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. “RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and […]

Read More