Alerts | Guyana National CIRT

AL2023_64 New SprySOCKS malware targets Linux devices in recent Cyber Espionage attacks (September 21, 2023)

A new Linux backdoor called 'SprySOCKS' has raised significant concerns as it targets government agencies in multiple countries, compromising networks to exfiltrate data, steal account credentials, and deploy additional payloads.

Read more about AL2023_64 New SprySOCKS malware targets Linux devices in recent Cyber Espionage attacks (September 21, 2023)

AL2023_63 New phishing campaign utilizes EvilProxy to target Microsoft 365 users (August 22, 2023)

A recent phishing campaign was observed utilizing the EvilProxy phishing tool to hijack Microsoft 365 accounts of high-level personnels at leading companies around the world.

Read more about AL2023_63 New phishing campaign utilizes EvilProxy to target Microsoft 365 users (August 22, 2023)

AL2023_62 Citrix ShareFile vulnerability deemed critical by CISA and exploited in the wild (21st August 2023)

A major Citrix ShareFile secure file transfer vulnerability, identified as CVE-2023-24489, is being targeted by unknown actors, according to CISA.

Read more about AL2023_62 Citrix ShareFile vulnerability deemed critical by CISA and exploited in the wild (21st August 2023)

AL2023_61 Threat actors abuse Google AMP for evasive phishing attacks (August 10, 2023)

Security researchers have issued a warning about an increase in phishing activity exploiting Google Accelerated Mobile Pages (AMP) to bypass email security measures and reach the inboxes of enterprise employees.

Read more about AL2023_61 Threat actors abuse Google AMP for evasive phishing attacks (August 10, 2023)

AL2023_60 Using OCR, new Android spyware steals login information from photos. (2nd August 2023)

Two new Android malware families called 'CherryBlos' and 'FakeTrade' were identified stealing cryptocurrency credentials and funds and conducting frauds.

Read more about AL2023_60 Using OCR, new Android spyware steals login information from photos. (2nd August 2023)