Author: nlqip
Cybersecurity Snapshot: Malicious Versions of Cobalt Strike Taken Down, While Microsoft Notifies More Orgs About Midnight Blizzard Email Breach
- by nlqip
Check out the results of a multinational operation against illegal instances of Cobalt Strike. Plus, more organizations are learning that Midnight Blizzard accessed their email exchanges with Microsoft. Meanwhile, Carnegie Mellon has a new report about how to fix and mitigate API vulnerabilities. And two new reports shed light on cyber insurance trends. And much…
Read MoreWhen matched, the company said it found 81 email addresses in the exported mailing list that were not part of the threat actor’s own list. Phished to a crypto drainer The phishing emails posed as an announcement claiming that the Ethereum Foundation had teamed up with the Lido decentralized autonomous organization (LidoDAO) to provide a…
Read MoreJul 05, 2024The Hacker NewsCloud Security / Attack Surface The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, there’s…
Read MoreJul 05, 2024NewsroomSEO Poisoning / Cyber Attack, The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. “Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use,” cybersecurity firm Cybereason said in an analysis…
Read MoreVideo Social media sites are designed to make their users come back for more. Do laws restricting children’s exposure to addictive social media feeds have teeth or are they a political gimmick? 04 Jul 2024 Social media platforms have become a near-constant presence in our daily lives. They are a great tool to stay connected…
Read MoreWhat does a logic bomb attack do? As the Stuxnet example demonstrates, a logic bomb attack gets its name because the malicious code activates when some logical condition, or trigger, is satisfied: It can be explained as an if-then statement. There are two forms a logic bomb’s trigger can take: positive or negative. A positive trigger goes off if something happens, whereas…
Read MoreJul 05, 2024NewsroomSupply Chain Attack / Malware The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to “https://cdn.polyfill[.]io” or “https://cdn.polyfill[.]com”…
Read MoreJul 05, 2024NewsroomNetwork Security / Cyber Attack Cybersecurity researchers have uncovered a new botnet called Zergeca that’s capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named “ootheca” present in the command-and-control (C2) servers (“ootheca[.]pw” and “ootheca[.]top”). “Functionally, Zergeca is not just a…
Read MoreA threat actor compromised Ethereum’s mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. Ethereum disclosed the incident in a blog post this week and said that it had no material impact on users. Attack details The attack occurred on the…
Read MoreWhat’s happening? Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. So what’s different this time? Whereas many ransomware attacks see a company’s company’s data exfiltrated by attackers, and the threat made that stolen data will be sold to…
Read MoreRecent Posts
- Don’t become a statistic: Defending your personal data from dark web criminals
- Interbank confirms data breach following failed extortion, data leak
- Canary Trap’s Bi-Weekly Cyber Roundup – Canary Trap
- [R1] Sensor Proxy Version 1.0.11 Fixes Multiple Vulnerabilities
- Microsoft Entra “security defaults” to make MFA setup mandatory