Author: Canary Trap

Ivanti VPNs at Risk

A critical vulnerability tracked as CVE-2025-22457 is actively being exploited by China-linked threat actors, putting over 5,000 Ivanti Connect Secure VPN instances at risk. The stack-based buffer overflow flaw, initially underestimated, enables remote code execution and has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its known exploited vulnerabilities catalog. […]

Surviving Ransomware Attacks

Ransomware attacks have become a significant threat to businesses, capable of incapacitating operations within hours. According to Verizon’s 2024 Data Breach Investigations Report, one-third of all data breaches involve ransomware or similar extortion techniques, affecting 92% of industries. Notably, the 2021 Kaseya incident demonstrated how supply chain vulnerabilities can amplify ransomware’s impact across numerous organizations. […]

Driver-Based Ransomware Tactics

The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a “bring your own vulnerable driver” (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. […]

PHP Under Attack

A critical PHP vulnerability, CVE-2024-4577, affecting Windows-based PHP installations, has been actively exploited worldwide since its disclosure in June 2024. Initially believed to be primarily targeting Japan, recent telemetry from GreyNoise confirms that mass exploitation has extended to multiple countries, including the United States, United Kingdom, Singapore, Germany, and India. The vulnerability enables remote code […]

The Rise of Cyber Mercenaries

Hack-for-hire services are reshaping the cybercrime landscape, making cyberattacks more accessible to governments, corporations, and individuals. This emerging industry blurs the line between ethical cybersecurity work and outright criminal activities, with some groups selling hacking tools under the guise of security research. The rise of AI-driven hacking and economic desperation among unemployed tech workers has […]

AWS Phishing Exploits

Threat actors are exploiting AWS misconfigurations to launch phishing campaigns using Amazon Simple Email Service (SES) and WorkMail. Identified as TGR-UNK-0011 (JavaGhost), this group initially focused on website defacement but pivoted to phishing for financial gain in 2022. Rather than exploiting AWS vulnerabilities, the attackers leverage exposed IAM access keys to infiltrate cloud environments, send […]
