Month: April 2024

  Sure, the C&C list is a small sample size, and C&C hosts come and go quickly. This list is in no way exhaustive—it’s just a snapshot in time from last quarter. But for a breakdown of the domain hosting services, see the end of this article. “Yes, I really am a C&C server.” A…

Read More

Microsoft has rolled back a fix for a known Outlook issue that was causing incorrect security alerts when opening ICS calendar files after installing the December Outlook Desktop security updates. Affected Microsoft 365 users are seeing unexpected warnings that “Microsoft Office has identified a potential security concern” and that “This location may be unsafe” when…

Read More

  Among security professionals specifically, the gap is even more significant: 47% chose security and only 26% said availability. This isn’t a surprise—security has been steadily ascendant for the past three years. In 2015, availability was the clear leader at 40% over security’s 32%. But the next year the two categories were neck and neck…

Read More

“The digital economy is firmly entrenched, and has an appearance that promises prosperity; but in this world, nothing can be said to be certain, except death, taxes, and vulnerabilities.” With many apologies to Benjamin Franklin, to whom the original, unaltered quote on which this one relies is typically attributed. Unlike the forecasts for snow in…

Read More

Accept that breaches are inevitable in today’s world, then take these steps to reduce the chances of a large-scale, headline-making compromise. Source link lol

Read More

If you’re not evaluating risk in terms of likelihood and impact, you could be focusing your security efforts in all the wrong places. Source link lol

Read More

F5 security researchers analyzed the Ramnit banking trojan campaign that was active over the holiday season and discovered it’s not much of a banking trojan anymore. 64% of its targets were retail eCommerce sites, including Amazon.com, Best Buy, Forever 21, Gap, Zara, Carter’s, OshKosh B’gosh, Macy’s, Victoria’s Secret, H&M, Overstock.com, Toys“R”Us, Zappos, and many others.…

Read More

A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., the U.K., Germany, and Japan. Researchers believe that behind the campaign is CoralRaider, a financially motivated threat actor focused on stealing credentials, financial data, and social media accounts. The hackers deliver LummaC2, Rhadamanthys, and Cryptbot…

Read More

The obvious takeaway here is that these two most commonly breached application vulnerabilities represent low hanging fruit for attackers. Forum software is a favorite target for attackers because they consume user content that if not sanitized properly could be a crafty little malicious script that injects a PHP backdoor. Forum makers (as well as CMS providers…

Read More

We’re celebrating our one-year anniversary here at F5 Labs, the application threat intelligence division of F5! Although F5 researchers have been providing threat-related, F5-specific guidance to our customers for many years through DevCentral, the time was right a year ago today to launch a dedicated website that provides the general public with vendor-neutral, application-focused, actionable…

Read More