Category: Attack Feeds

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme – The Hacker News

– Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and investment fraud schemes for years. The findings come from Infoblox, which said it identified nearly 800,000 vulnerable registered domains over the past three months, of which approximately 9% (70,000) have been subsequently...

Bitsight acquires Cybersixgill for $115 million – Christian Vasquez

– BitSight Technologies, Inc. announced an agreement Thursday to acquire the cyber threat intelligence firm Cybersixgill for $115 million. Bitsight, a more than decade-old security rating company, aims to use the real-time intelligence collected by the Tel Aviv-based data firm to mitigate customer supply chain threats. Cybersixgill, formed in 2014 and formerly called Sixgill, looks at data from the...

ShrinkLocker ransomware: what you need to know – Graham Cluley

– ShrinkLocker is a family of ransomware that encrypts an organisation’s data and demands a ransom payment in order to restore access to their files. It was first identified by security researchers in May 2024, after attacks were observed in Mexico, Indonesia, and Jordan. Read more in my article on the Tripwire State of Security blog.

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes – The Hacker News

– Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. “Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam directly to users,” Laurie Richardson, VP and Head of Trust and Safety at Google, said. “The landing...

Here’s how misconfigurations in Microsoft Power Pages could lead to data breaches – Greg Otto

– Microsoft’s Power Pages is a low-code platform that enables users to create data-driven websites with minimal coding requirements or knowledge. It’s used by both the public and private sector, at organizations large and small, to assist in all sorts of scenarios where a customer or a citizen needs data to solve a problem. These pages also may be...

The UN cybercrime convention threatens security research. The US should do something about it – Greg Otto

– The United Nations’ recent adoption of a new cybercrime convention has sparked significant discussion within the global cybersecurity community. While the UN Convention Against Cybercrime aims to enhance international cooperation to combat malicious hacking, the convention raises serious concerns for those involved in security research and ethical hacking. The treaty’s provisions related to security research conflict with best...

5 BCDR Oversights That Leave You Exposed to Ransomware – The Hacker News

– Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in a recent...

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord – Graham Cluley

– Jack Teixeira, the 22-year-old former Air National Guardsman who leaked hundreds of classified documents online, has been sentenced to 15 years in prison. Teixeira, who served as an IT specialist at Otis Air National Guard Base in Massachusetts, was arrested in April 2023 after abusing his privileged position to share highly-sensitive documents with friends he had met via a...

TikTok Pixel Privacy Nightmare: A New Case Study – The Hacker News

– Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular video-sharing platform broke GDPR...

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse – The Hacker News

– Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including...

LevelBlue Cybersecurity Awareness Month Recap

– Each year, Cybersecurity Awareness Month serves as a reminder of the critical role that cybersecurity plays in our lives. Every October, LevelBlue champions this initiative which brings awareness to cyber risks, and promotes best practices to protect against growing cyber threats. Throughout the month, we focused the spotlight on cyber resilience – sharing key trends and insights through...

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails – The Hacker News

– A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was patched by Microsoft...

Smashing Security podcast #393: Who needs a laptop to hack when you have a Firestick? – Graham Cluley

– Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil’s COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection… in a Travelodge outside Oxford. Plus Bengal cat lovers in Australia should be on...

Trump administration should focus on cyber rules, grants and international partnerships, Biden official says – mbracken

– On the same day outgoing President Joe Biden met with President-elect Donald Trump to discuss the transition between them, a top White House cyber official made some recommendations for early cyber priorities for the incoming administration. In its first 100 days, the Trump administration should build a framework for minimum cybersecurity standards for critical infrastructure companies, establish cybersecurity...

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel – The Hacker News

– A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. “The [Israel-Hamas] conflict has not disrupted the WIRTE’s...

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims – The Hacker News

– Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a “specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted...

Comprehensive Guide to Building a Strong Browser Security Program – The Hacker News

– The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that...

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution – The Hacker News

– A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and...

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks – The Hacker News

– The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. “The campaign distributed the SnailResin malware, which activates the SlugResin backdoor,” Israeli cybersecurity company ClearSky...

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs – The Hacker News

– Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated...

Fake Job Ads and Fake Identities: How North Korea Gets Its Hands on Our Data

– Data theft has become an undeniable geopolitical weapon, and no player has mastered this art quite like North Korea. Rather than relying solely on traditional hacking methods, the regime has adopted a far more insidious approach — exploiting the vulnerabilities of the job market. This might be why fake job ad scams saw a 28% spike in 2023....

Moody’s Rating adds telecoms, airlines, utilities to highest risk category – Christian Vasquez

– The telecommunications industry, airlines, and some power generation utilities have elevated cyber risks due to digitization and lax security practices, according to a new report from Moody’s Rating that places the sectors in the “high risk” category. The financial ratings service released a cyber heat map Tuesday that looks at the risk profiles of 71 sectors globally and...

Microsoft Patch Tuesday, November 2024 Edition – BrianKrebs

– Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The zero-day flaw tracked as CVE-2024-49039 is a bug in...

Trustwave and Cybereason announce merger – Greg Otto

– Managed services provider Trustwave and cybersecurity software company Cybereason announced a merger on Tuesday, with the hopes of expanding market share and using each company’s product portfolio to boost the others’ offerings. Terms were not disclosed. The transaction is supposed to close in early 2025, pending customary closing conditions and regulatory approvals. The two companies described the merger...

The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence? – Graham Cluley

– In episode 24 of The AI Fix, Mark makes an unforgivable error about the Terminator franchise, our hosts wonder if a “seductive” government chatbot will make it easier to talk about tax, a radio station abandons its three month AI experiment after a week, and OpenAI parks its tanks on Google’s lawn. Graham gets cosmic and wonders why we...

DHS nominee Kristi Noem stood alone for rejecting department cyber grants to state, local governments – Tim Starks

– President-elect Donald Trump’s selection of Kristi Noem to lead the Department of Homeland Security bodes poorly for the agency’s cybersecurity grants to state and local governments, given her opposition to the program while serving as chief executive of her state. Trump will nominate the South Dakota governor to serve as secretary of DHS, numerous news outlets reported Tuesday....

The November 2024 Security Update Review – Dustin Childs

– It’s not quite the holiday season, despite what some early decorators will have you believe. It is the second Tuesday of the month, and that means Adobe and Microsoft have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather...

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns – The Hacker News

– Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D’ Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses...

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration – The Hacker News

– Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the...

Here’s the indictment against two men allegedly responsible for Snowflake customer breach – Greg Otto

– United States authorities have publicly released their indictment of two suspected cybercriminals, allegedly responsible for breaking into the cloud platforms used by major companies, including AT&T. Connor Moucka and John Binns are accused of executing an international hacking and extortion scheme targeting over 10 organizations, with demands for ransom following the theft of sensitive data. They reportedly extorted...

North Korean Hackers Target macOS Using Flutter-Embedded Malware – The Hacker News

– Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said...

North Korean-linked hackers were caught experimenting with new macOS malware – Christian Vasquez

– Hackers associated with North Korea were discovered embedding malware inside macOS applications built with an open-source software development kit, according to researchers at Jamf, a company that makes software geared toward mobile device management. The research, released Tuesday, details malware discovered in November by researchers on VirusTotal, a popular online file analysis tool. While the code was malicious,...

5 Ways Behavioral Analytics is Revolutionizing Incident Response – The Hacker News

– Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more...

Winter Fuel Payment scam targets UK citizens via SMS – Graham Cluley

– Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. Read more in my article on the Tripwire State of Security blog.

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks – The Hacker News

– Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. “Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness,” Russian cybersecurity vendor Kaspersky said. “Threat actors leveraged an unconventional blend...

Building a Resilient Network Architecture: Key Trends for 2025

– As organizations continue to align their operational strategies with evolving digital ecosystems and technologies, the concept of network resilience has become a priority. A major mindset shift is that modern networks must be designed not just for speed and efficiency but also for flexibility, security, and the ability to hold out against disruptions. Whether due to an influx...

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia – The Hacker News

– In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. “In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: ‘Are Bengal Cats legal in Australia?,’” Sophos researchers Trang Tang,...