Author: nlqip
Those of us at a certain age (ahem) grew up in a simpler time. Email was largely unheard of. There was no social media, no Facebook, Twitter or Instagram. There was no e-commerce, no Amazon, Alibaba or Taobao. No online banking. No online dating. Credit card transactions were processed manually. Local businesses accepted personal checks.…
There is an unspoken assumption that pervades the information security industry. It is a vestige from the days when system administrators were the security staff, and the ways in which customers and organizations interacted with the Internet were markedly different from how they are now. This assumption is that the boundary that separates our network…
Threat Actors Rapidly Adopt New ThinkPHP RCE Exploit to Spread IoT Malware and Deploy Remote Shells
Key Points: Only a few days after the ThinkPHP vulnerability was discovered, it is already being exploited on the Internet. Almost 46,000 servers, most of which are located in China, are potential targets for this exploit. Multiple campaigns have been launched simultaneously by different threat actors, which might suggest the infection potential. Campaigns vary from…
At F5, we dedicate a lot of time to identifying and validating vulnerabilities. We use a variety of vulnerability scanning tools at a regular, frequent tempo to give us an up-to-date picture of our risk footprint. On top of that, we pay attention to user reporting, information we get from various threat intelligence sources, and…
A concerted effort by global law enforcement agencies has successfully dismantled LabHost, a notorious online platform specializing in phishing kits. Since its inception in 2021, LabHost accrued over $1 million in profits by providing cybercriminals with the tools to impersonate trusted websites and steal sensitive user data. The coordinated operation against LabHost resulted in 37…
(The fifth entry on the list, “12345,” inevitably brings to mind the excellent Spaceballs: “1-2-3-4-5? That’s the stupidest combination I’ve ever heard of in my life! That’s the kinda thing an idiot would have on his luggage!”) Top Attacked Username and Password Pairs: Credentials Every security team should make it a priority to ensure that…
“While a simple launcher application, GooseEgg is capable of spawning other applications specified at the command line with elevated permissions, allowing threat actors to support any follow-on objectives such as remote code execution, installing a backdoor, and moving laterally through compromised networks,” the company said. Forest Blizzard has used GooseEgg as part of post-compromise activities…
Learn from CISOs who describe how they would “do it over” again in some of their early security program deployments.
Computer geeks love their acronyms. Here’s one more: TANSTAAFL. There ain’t no such thing as a free lunch. No, I’m not talking about the grilled Alaskan salmon meal you got while playing on your phone instead of listening to the vendor pitch. I mean that if we want better security, someone has to pay for…
The most common initial vector for phishing attacks is the fraudulent email. A well-crafted phishing email entices the victim to click on a malicious link that then takes them to an attacker’s site. Once that happens, that site must appear to be as authentic as possible. Images, fonts, layout, styles, and even the URL will…