Alerts | Guyana National CIRT

AL2023_45 Romcom Malware Spread via Google Ads for ChatGPT, GIMP, more (June 8, 2023)

A new campaign distributing the RomCom backdoor malware is impersonating well-known websites or fictional software, tricking users into downloading and launching malicious installers.

Read more about AL2023_45 Romcom Malware Spread via Google Ads for ChatGPT, GIMP, more (June 8, 2023)

AL2023_44 Android Phones are Vulnerable to Fingerprint Brute-Force Attacks (June 8th, 2023)

Researchers at Tencent Labs and Zhejiang University have discovered a new attack called the 'BrutePrint'.

Read more about AL2023_44 Android Phones are Vulnerable to Fingerprint Brute-Force Attacks (June 8th, 2023)

AL2023_43 Attackers Can Retrieve Master Passwords from Memory Using the KeePass Exploit (31st May 2023)

The well-known password manager KeePass has a flaw that makes it possible to extract the master password from the program's memory, giving hackers

Read more about AL2023_43 Attackers Can Retrieve Master Passwords from Memory Using the KeePass Exploit (31st May 2023)

AL2023_42 Threats actors target Microsoft’s VSCode Marketplace with malicious extensions (May 30, 2023)

Researchers at Check Point discovered several malicious extensions residing on the VSCode marketplace capable of stealing personal information and installing remote shells.

Read more about AL2023_42 Threats actors target Microsoft’s VSCode Marketplace with malicious extensions (May 30, 2023)

AL2023_41 MalasLocker Ransomware targeting Zimbra Servers (May 17, 2023) 

MalasLocker is a special type of ransomware that targets Zimbra servers, encrypts data, and instructs victims to donate to charity rather than paying the standard ransom. 

Read more about AL2023_41 MalasLocker Ransomware targeting Zimbra Servers (May 17, 2023)