Contenting Logo

News

Entertainment

Science & Technology

Sport

Business & Money

Life

Culture & Art

Hobbies

Sites
Lists
#tags
  1. home
  2. Canary Trap

Canary Trap

8 | Follower

Software

See All

Canary Trap

20.03.2025

Canary Trap’s Bi-Weekly Cyber Roundup - Canary Trap

In this week's round-up, we explore the latest cybersecurity threats and emerging attack techniques. From OBSCURE#BAT malware deploying rootkits via fake CAPTCHA pages, to a new AI jailbreak method that bypasses safeguards across multiple models, and adversaries continuing to evolve their tactics. We’ll also cover a sophisticated Microsoft 365 phishing scam, the persistent risks posed by remote access infrastructure, and KPMG Canada's warning about rising fraud and cybersecurity threats amid shifting supply chains. Finally, we’ll examine how researchers bypassed ChatGPT’s protections using hexadecimal encoding and emojis.

Canary Trap

25.03.2025

PHP Under Attack - Canary Trap

A critical PHP vulnerability, CVE-2024-4577, affecting Windows-based PHP installations, has been actively exploited worldwide since its disclosure in June 2024. Initially believed to be primarily targeting Japan, recent telemetry from GreyNoise confirms that mass exploitation has extended to multiple countries, including the United States, United Kingdom, Singapore, Germany, and India. The vulnerability enables remote code execution (RCE), making it a significant threat to compromised systems.

Canary Trap

01.04.2025

Driver-Based Ransomware Tactics - Canary Trap

The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a "bring your own vulnerable driver" (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. Once installed, ABYSSWORKER can terminate processes, disable malware defenses, and remove security callbacks, giving attackers control over the system while evading detection.

Canary Trap

03.04.2025

Canary Trap’s Bi-Weekly Cyber Roundup - Canary Trap

In this week’s roundup, we will explore several pressing cybersecurity developments, from Medusa ransomware attacks that could have significant financial repercussions, to the increasing cybercriminal activity surrounding major events like March Madness. We’ll also discuss the potential risks posed by 23andMe's bankruptcy filing, a lengthy breach by Chinese hackers in an Asian telecom, and the looming end-of-life for Windows 10, which leaves SMBs vulnerable. Additionally, we’ll examine the evolving landscape of ransomware, with a particular focus on critical infrastructure as a prime target.

Contenting Logo
About UsPrivacy PolicyTerms Of UseContact