Category: Attack Feeds

– Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory (AD), and explore how Silverfort’s solutions can help enhance your  – Read...

– [[{“value”:”Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol. The packages attempt to “gain SSH access to the victim’s machine by writing the attacker’s SSH public key in the root user’s authorized_keys file,”...

– [[{“value”:”Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts. Tracked under the names BlackWidow, IceNova, Lotus,”}]]  – Read More ...

– [[{“value”:”VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. “A malicious actor with network access to vCenter Server may trigger this vulnerability by”}]] ...

– [[{“value”:” Welcome to the first day of Pwn2Own Ireland 2024! We have four tremendous days of research planned, including multiple SOHO attempts. We’ll be updating this blog in real time as results become available. We have a full schedule of attempts today, so stay tuned! All times are Irish Standard Time (GMT +1:00). “}]]  – Read More  – Zero...

– [[{“value”:”The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could”}]]  – Read More  –...

– The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” The Justice Department has formally proposed new regulations that would prevent or restrict the selling and transferring of Americans’ sensitive personal data to adversarial countries. The proposed rule, first previewed in March, stems from an executive order issued by the Biden administration in February and imposes a series of restrictions on how American entities can sell “bulk” sensitive...

– [[{“value”:” Welcome to Pwn2Own Ireland 2024 – our first event ever from the emerald isle! This year’s contest is set to be one of our largest ever – both in terms of entries and potential prizes. If everything hits, we will end up paying out over $1,000,000 in cash and prizes. We’ve got four days of exciting competition ahead....

– A hacker known as “TAINTU” is advertising a “Top Secret U.S. Space Force Military Technology Archive” for sale,…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” The cybersecurity firm Sophos agreed to acquire Secureworks in an all-cash transaction valued at $859 million, the two companies announced Monday. Sophos, a privately owned United Kingdom-based cybersecurity firm, said it intends to integrate security solutions for all small, mid-sized and enterprise customers focusing on automated prevention, detection, and response using artificial intelligence.  “Secureworks’ renowned expertise in cybersecurity...

– [[{“value”:”The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. “Over a period of at least six months, the attackers stealthily gathered valuable information from the targeted company including, but not limited to, network configurations, user passwords,”}]]  –...

– [[{“value”:” The U.S. government has announced a reward of up to $10 million for information about the Russian media organization Rybar and its employees, amid allegations it’s involved in spreading propaganda aimed at influencing the upcoming U.S. presidential election. According to the State Department’s Rewards for Justice Program, Rybar has been accused of using its extensive social media reach,...

– We have exciting news! Two global cybersecurity leaders are joining forces to accelerate the delivery of advanced cybersecurity services and technology for organizations of all sizes around the world. Sophos today has announced a definitive agreement to acquire Secureworks®, the developer of TaegisTM, the SaaS-based, open MDR/XDR platform built on more than 20 years of […]  – Read More ...

– [[{“value”:”Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others fixed their vulnerabilities just...

– [[{“value”:”Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external. By providing a structured approach, these checklists help testers systematically”}]]  – Read More  – The Hacker News 

– [[{“value”:”Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. “The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext,” ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong”}]]  – Read...

– Researchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– A new Gorilla Botnet has launched massive DDoS attacks, targeting over 100 countries, according to cybersecurity firm NSFOCUS.…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of”}]]  – Read...

– Hackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms  – Read...

– [[{“value”:”A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. “The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,””}]]  – Read...

– Iranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. “In some instances, fraudulent workers demanded ransom payments from their former employers after gaining”}]]  –...

– [[{“value”:” Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security...

– [[{“value”:”Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. “Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and”}]]  – Read More  – The...

– [[{“value”:”Picture your company’s data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech,”}]]  –...

– [[{“value”:”Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. “This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems,” French cybersecurity company Sekoia said in”}]]  –...

– [[{“value”:”Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user’s privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15...

– North Korean hackers are infiltrating Western companies using fraudulent IT workers to steal sensitive data and extort ransom.…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– The app market is saturated with over 7 million apps across major stores. Analytics mobile apps have become…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a slither of encouraging news amongst the gloom. And boy do we need some good news – amid reports that 389 US-based healthcare institutions were hit by ransomware last year – more than one every single day. Read...

– [[{“value”:” A 25-year-old Alabama man has been arrested and charged with hacking into the Securities and Exchange Commission’s Twitter/X account earlier this year and making fake regulatory posts that artificially inflated the price of Bitcoin by more than $1,000 per unit. Eric Council Jr., a resident of Athens, Ala., was arrested Thursday morning and charged with aggravated identity theft...

– New innovations and top-requested features.  – Read More  – Sophos News 

– Protect yourself from the ClickFix attack! Learn how cybercriminals are using fake Google Meet pages to trick users…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, which is monitoring the...

– [[{“value”:” The Federal Police of Brazil on Wednesday arrested a person allegedly responsible for a series of audacious data breaches targeting large international companies and U.S. government entities.  The suspect, who is known in the cybercrime underground as USDoD or EquationCorp, is allegedly the person responsible for a breach of the online background check and fraud prevention service National...

– [[{“value”:”Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group’s affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an”}]]  – Read More  – The...

– [[{“value”:” The U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. The younger brother is facing charges that could land him life in...

– [[{“value”:”An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor Tiger, and T-APT-04. “”}]] ...

– As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today...

– [[{“value”:”Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023. The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,”}]]  – Read More ...

– [[{“value”:”A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. “A security issue”}]]  – Read More  –...

– Brazilian police have arrested the hacker known as USDoD, responsible for high-profile breaches including the FBI’s InfraGard and…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”WordPress’s emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley...