Tag: network security
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Memory forensics is a critical aspect of digital forensics, allowing investigators to analyze the volatile memory of a system to uncover evidence of…
Read More
May 29, 2024NewsroomCyber Crime / Data Breach The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site’s online return at breachforums[.]st – one of…
Read More
An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform. Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested…
Read More
You’re probably familiar with the term “critical assets”. These are the technology assets within your company’s IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe. But is every technology asset…
Read More
The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks. “CatDDoS-related gangs’ samples have used a large number of known vulnerabilities to deliver samples,” the QiAnXin…
Read More
“In war, the importance of speed cannot be overstated. Swift and decisive actions often determine the outcome of battles, as delays can provide the enemy with opportunities to exploit weaknesses and gain advantages.” – General Patton, “Leadership and Strategy in Warfare,” Military Journal, 1945. Cybersecurity has become a battlefield where defenders and attackers engage in…
Read More
May 28, 2024NewsroomVulnerability / Network Security A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including…
Read More
May 28, 2024NewsroomData Protection / Skimming Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users…
Read More
Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that’s behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. “Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate,” the company said in its latest Cyber Signals report. “We’ve seen…
Read More
May 27, 2024The Hacker NewsEmail Security / Browser Security The transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them – through email protection, firewall rules and employee education – phishing attacks are still…
Read More