Blog

outlook logo

Unveiling the New ZeroFont Phishing Strategy: Deceiving Outlook with False AV-Scans

As the world of cybersecurity constantly evolves, so do the strategies employed by cybercriminals. A recent adaptation, coined as the “ZeroFont Phishing Technique“, has been making waves in the cybersecurity landscape.  Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned by security tools in […]

Read More
clorox cyber attack

Analyzing the Consequences of the Clorox Cyber Attack

In August 2024, the internationally acclaimed manufacturer of cleaning products, Clorox, experienced a significant cyber-attack. The aftermath of this breach resulted in a slew of operational disruptions, extending beyond the initial incident and deeply affecting the company’s first quarter results in 2024. The Unveiling of the Cyber Attack According to a recent SEC filing, Clorox […]

Read More
Xenomorph Banking Trojan

The Emerging Threat of Xenomorph Banking Trojan: Targeting U.S. Banks and Crypto Wallets

As technology continues to evolve, so do the methods of cybercriminals. The latest threat to emerge is a new version of the Xenomorph banking Trojan, which has set its sights on over 35 well-established financial institutions across the U.S. and various digital cryptocurrency wallets. Understanding the Xenomorph Banking Trojan Xenomorph, an offshoot of the infamous […]

Read More
cybersecurity

New MalDoc in PDF’ Cyberattack Has Been Discovered

JPCERT, Japan’s computer emergency response team, has recently uncovered a new sophisticated ‘MalDoc in PDF’ cyberattack. This attack, detected in July 2023, cleverly evades detection by concealing malicious Word files within PDF documents.  The file analyzed by JPCERT makes use of polyglots to confuse analysis tools and evade detection. While most scanning engines and tools […]

Read More
Wifi Connection Sign

New “Whiffy Recon” Malware: Triangulating Infected Device Location via Wi-Fi Every Minute

In the ever-evolving landscape of cyber threats, cybersecurity experts are raising concerns about a newly discovered malware strain known as “Whiffy Recon.” This sophisticated malware, uncovered by researchers from Secureworks Counter Threat Unit (CTU), leverages Wi-Fi scanning and Google’s geolocation API to triangulate the location of infected devices. With the capability to continuously track compromised […]

Read More
PowerShell Gallery

Active Flaws in PowerShell Gallery: A Gateway for Supply Chain Attacks

The PowerShell Gallery, a central repository maintained by Microsoft for sharing and acquiring PowerShell code, has recently faced heightened scrutiny due to a series of active vulnerabilities that pose a significant risk of supply chain attacks against its users. These flaws, uncovered by security researchers from Aqua, have shed light on potential weaknesses in the […]

Read More
Ransomware breach, Ransomware response, Data Breach, Cyber Incident Response

Clop Ransomware Adopts Torrents to Leak Stolen Data and Evade Detection

The utilization of ransomware is continuously advancing as cybercriminals discover novel methods to exploit vulnerabilities and optimize their financial gains. An exemplification of this is the Clop ransomware gang, which has recently adapted its tactics by resorting to torrents to disclose stolen data from its victims. By employing this approach, Clop aims to surmount the […]

Read More

The Significance of Insecure Direct Object Reference (IDOR) Vulnerabilities in Web Applications

In our ever-more interconnected world, web applications have become indispensable to our daily lives. They empower us with online shopping, banking, and so much more. However, it is vital to protect the sensitive data handled by these applications from unauthorized access. A recent advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber […]

Read More
Penetration Testing, Ethical hacking

New Backdoor Malware Has Been Created Using Leaked CIA’s Hive Malware

A new backdoor malware has been discovered that is believed to have been created using the leaked CIA’s Hive malware. The discovery was made by researchers at the cybersecurity firm, Symantec, who have been monitoring the use of the Hive malware since it was leaked in 2017. The new backdoor, named “Honeycomb,” has been found […]

Read More
Managed Cyber Security

Is there a difference between a MSSP and MSP?

Before we jump into the difference between a managed service provider (MSP) and a managed security provider (MSSP), it’s important to understand what each term means. A managed service provider is a company that provides remote IT services and management for its clients. MSPs typically provide their services on a monthly basis, and they often […]

Read More
Security-Services

Can hackers bypass Multi-factor authentications methods?

Multi-factor authentication (MFA) is an authentication method that requires more than one piece of evidence to verify a user’s identity. Commonly, this includes something the user knows (like a password), something the user has (like a security token), or something the user is (like a fingerprint). Despite the added security that MFA provides, hackers can […]

Read More
Managed Cyber Security Services

Top 4 Cybersecurity Trends 2023: What Should You Expect and Do?

Cybersecurity and its breach are a major headache for many Californian small and medium business owners. Daily, their businesses experience different types of cyberattacks. So, what can we expect to see in the coming year? Which cybersecurity trends will rule 2022 and what network solutions are available to protect your business then? In this post, […]

Read More
Cyber Security Defense Services

Benefits of Managed Security Services

One of the most important decisions you can make for your business is choosing the right security partner. With so many managed security service providers (MSSPs) out there, it’s hard to know who to trust. Here are four reasons why you should choose Purple Shield’s managed security services: 1. We have the expertise you need […]

Read More
Security-Services

Benefits of Ethical Hacking Services

When it comes to keeping your business or organization safe from online threats, you can never be too careful. That’s why more and more companies are turning to ethical hacking services for help. Ethical hackers, also known as white hat hackers, are security experts who use their skills to find vulnerabilities in systems and help […]

Read More