The Justice Department Took Down the 911 S5 Botnet The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide.…
Read More
Jun 07, 2024NewsroomRansomware / Endpoint Security The U.S. Federal Bureau of Investigation (FBI) has disclosed that it’s in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. “We are reaching out to known LockBit victims and encouraging anyone who suspects they…
Read More
What is whitelisting? Whitelisting is a cybersecurity strategy under which only pre-approved or trusted users, entities, or actions are allowed to operate on a system or network. Instead of trying to keep one step ahead of cyber attackers to identify and block malicious code, with a whitelist approach, IT security teams instead identify trustworthy agents,…
Read More
Jun 07, 2024NewsroomCyber Attack / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, which is…
Read More
Scams $90,000/year, full home office, and 30 days of paid leave, and all for a job as a junior data analyst – unbelievable, right? This and many other job offers are fake though – made just to ensnare unsuspecting victims into giving up their data. 06 Jun 2024 • , 5 min. read Seeking a…
Read More
First, “we take a working backwards approach to product development. This means that we start by understanding our customers’ needs and build our products around them. From design time forward, our security and product teams work together to ensure our products meet our customers’ expectations for security.” The next step is to sit with the…
Read More
Jun 07, 2024NewsroomCryptojacking / Vulnerability The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. “The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure,” Trend Micro researchers…
Read More
Los Angeles Unified School District (LAUSD) officials are investigating a threat actor’s claims that they’re selling stolen databases containing records belonging to millions of students and thousands of teachers. LAUSD is the second largest public school district in the United States, with over 25,900 teachers, roughly 48,700 other employees, and more than 563,000 students enrolled…
Read More
Image: Midjourney Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers’ infrastructure to evade detection in subsequent operations. The first signs of this activity date back…
Read More
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed “SickSync,” launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. The threat group is linked to the Luhansk People’s Republic (LPR) region, which Russia has occupied almost in its entirety since October 2022. The hacker’s activities commonly…
Read More