Evasive Panda Exploits CloudScout Toolset to Hijack Cloud Service Sessions in Taiwan
Overview
A recent cybersecurity report disclosed an advanced cyber espionage campaign conducted by the China-affiliated threat actor Evasive Panda, which deployed a novel malware toolset called CloudScout. The operation targets government and religious organizations in Taiwan, stealing session cookies to ultimately compromise cloud services.
The CloudScout toolset operates alongside Evasive Panda’s primary malware, MgBot, to access
Latest from WME Blog
Migrating to Entra ID (Previously, Azure AD) – The Modern Approach
In 2024, organizations are increasingly looking to modernize their identity and device management strategies. They are doing so by transitioning from on-premises Active Directory (AD) to Entra ID (previously called Azure Active Directory, or AAD).
This move allows them to utilize a more efficient, cost-effective, and cyber-secure way to manage users, devices, and applications using the cloud.
Microsoft provides several platform…
WME Security Briefing 30 October 2024
Chinese Nation-State Hackers APT41 Target Gambling Industry for Financial Gain
Overview
The gambling and poker industry experienced a sophisticated cyber attack last month, orchestrated by the notorious Chinese nation-state group APT41 (AKA Brass Typhoon, Earth Baku, Wicked Panda or Winnti). This extended operation, which spanned nearly nine months, was a beachhead to steal information of value and perhaps make financial gains.…
AI Adoption in Modern Business – Challenges & Solutions
AI has revolutionized business, but it’s not all sunshine and rainbows. While it offers incredible opportunities for growth and efficiency, there are also huge hurdles to overcome.
Many companies need help integrating AI into their operations. They’re grappling with questions like, “Are we ready for this?” “How do we keep our data safe?” and “What tools should we even use?”…
WME Security Briefing 24 October 2024
Hackers Exploit EDRSilencer to Evade Security Detection
Overview
Threat actors have been observed abusing the EDRSilencer tool as part of their bypass techniques against endpoint detection and response (EDR) solutions, allowing them to successfully carry out attacks against targeted organizations. EDRSilencer is an open-source utility created to disable selective EDR processes; by exploiting it, attackers can stealthily operate and avoid being detected for their…
WME Security Briefing 21 October 2024
Google’s Transition to Rust Reduces Android Memory Vulnerabilities by Over 50%
Overview
Google has achieved great success in improving the safety of Android by switching to the Rust programming language. The company attempts to follow a secure-by-design strategy, focusing on the necessity of having memory-safe programming languages in the system. As a result, over the past six years, the share of…
Beyond Productivity: Power of Copilot Pages, Python-Enhanced Excel, and Smart Agents in Microsoft 365
Microsoft is pushing the boundaries of productivity with the latest updates to Microsoft 365 Copilot. Whether it is Copilot Pages, which promotes AI-based collaboration, or the major enhancements coming in Teams, Excel, and other Microsoft services, there is a lot to learn about the new features and improvements in Copilot. Surely, they will help elevate your business operations.
Here is…
WME Security Briefing 09 October 2024
Remote Control Vulnerabilities in Kia Vehicles
Overview
Famous cybersecurity researchers Neiko Rivera, Sam Curry, and others have identified a series of vulnerabilities in Kia vehicles. The flaws could be exploited to remotely control crucial functions of the cars. Cybercriminals could target car users using only the license plate. The identified issues are present in almost all Kia models produced after…
Key Microsoft Azure Trends to Watch in 2025
Cloud computing is changing fast, and Microsoft Azure leads the way. In 2025, key trends will shape how businesses use Azure for growth. IT pros, business leaders, and developers must know these trends.
AI and machine learning in Azure are growing. Businesses will use them to automate and analyze data better. Edge computing, stronger security, and improved cloud management will…
WME Security Briefing 27 September 2024
DragonRank SEO Manipulation Campaign Targeting IIS Servers Across Asia and Europe
Overview
A cyber espionage campaign is targeting IIS servers in several countries across Asia and Europe. The DragonRank campaign emanates from a Simplified Chinese-speaking actor and specializes in manipulating search engine rankings through black hat SEO. The victims of this campaign are corporate web servers, which have been hacked to deploy…