Common Scams

The vm2 JavaScript sandbox library has recently been found to contain a critical remote code execution vulnerability, referred to as Sandbreak. This flaw, assigned the identifier CVE-2022-36067, allows for the execution of commands and…

Bot attacks have become a significant threat to businesses in today's digital landscape. However, there are numerous myths and misunderstandings surrounding these attacks, which can hinder effective defense strategies. This article aims to…

In recent news, the Canadian Copper Mountain Mining Corporation (CMMC) has experienced a ransomware attack that has resulted in the temporary shutdown of its mill. As a precautionary measure, the company has implemented risk management…

The first day of the Pwn2Own Vancouver 2023 hacking challenge witnessed successful exploits on various platforms, including Windows 11, Tesla, macOS, and Ubuntu Desktop. Hackers showcased their abilities by leveraging vulnerabilities to…

In recent months, a concerning trend has emerged in North America, where university students are being targeted by scammers with fraudulent job offers. This campaign, which took place from March to June 2023, specifically preyed on students…

Phishing attacks pose a significant threat to individuals' online security and the protection of sensitive information. These attacks involve the use of deceptive tactics by hackers to obtain personal data for malicious purposes. To…

Large-scale Attacks-in-the-Middle (AitM) have emerged as a significant threat to enterprise users in various industries, including fintech, lending, insurance, energy, and manufacturing. These attacks primarily affect organizations in the…

The objective of this article is to provide an overview of the DUCKTAIL malware campaign that targets HR professionals through LinkedIn spear-phishing campaigns. This campaign stands out due to its focus on hijacking Facebook Business…

Penetration testing is a critical process in ensuring the security of systems and networks. This article aims to provide a comprehensive guide to the phases and lifecycle of penetration testing. By simulating real-time cyberattacks,…

Spoofing legitimate domains is a recently emerged phishing technique, known as the BITB Attack, which involves the creation of counterfeit login windows to deceive users into disclosing their credentials. By utilizing HTML/CSS to replicate…