Infosecurity News
#RSAC: Experts Highlight Novel Cyber Threats and Tactics
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
HACKRead
LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites
WordPress websites are under attack with a surge of malicious JavaScript being injected using vulnerable versions of the LiteSpeed Cache plugin.
The Hacker News
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
A critical flaw in the hugely popular LiteSpeed Cache plugin for WordPress is being exploited in the wild to create rogue admin accounts, granting att
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Bleeping Computer
Google rolls back reCaptcha update to fix Firefox issues
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows.
Bleeping Computer
New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
The Cyber Express
‘Unprecedented Scale’ of Credential Stuffing Attacks Observed: Okta
Okta reported an "unprecedented scale" of credential stuffing attacks targeting its identity and access management solutions, resulting in the breach
The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days - The DFIR Report
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was … Read More
Bleeping Computer
Okta warns of "unprecedented" credential stuffing attacks on customers
Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management solutions, with some customer accounts breached in the attacks.
Ars Technica
LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.
HACKRead
5 Best CAPTCHA Plugins for WordPress Websites
Here's a list of 5 effective CAPTCHA plugins for WordPress that can help enhance the security of your website by preventing spam and bot activities:
Cyber Security News
Hackers Weaponize Suspended Domains To Deliver Malware Payload
A recent phishing campaign targeting Latin America utilized emails with ZIP attachments containing an HTML file disguised as an invoice using
The Hacker News
Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme
Latin America targeted in new phishing attack. Emails contain malicious HTML files disguised as invoices.
DarkReading
Suspected MFA Bombing Attacks Target Apple iPhone Users
Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.
Ars Technica
“MFA Fatigue” attack targets iPhone owners with endless password reset prompts
Rapid-fire prompts sometimes followed with spoofed calls from "Apple support."
DarkReading
'Tycoon' Malware Kit Bypasses Microsoft, Google MFA
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
Krebs on Security
Recent ‘MFA Bombing’ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
The Hacker News
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Researchers at Palo Alto Networks Unit 42 uncover a new wave of phishing attacks delivering StrelaStealer malware, impacting over 100 organizations in
SecurityWeek
US Government Issues New DDoS Mitigation Guidance
CISA, the FBI, and MS-ISAC have released new guidance on how federal agencies can defend against DDoS attacks.
Infosecurity News
US Government Releases New DDoS Attack Guidance for Public Sector
The joint advisory sets out how to mitigate and respond to DDoS attacks, limiting disruption to critical services
Cyber Security News
CISA & FBI Released Guide to Respond for DDoS Attacks
CISA, in collaboration with FBI and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a comprehensive guide.
CSO
FBI and CISA warn government systems against increased DDoS attacks
The advisory describes the critical DDoS tactics, with recommendations to defend against such attacks.
HACKRead
Microsoft Warns of New Tax Returns Phishing Scams Targeting You
Tax season is underway in the United States, bringing with it the notorious tax returns phishing campaigns targeting taxpayers and businesses.
Infosecurity News
Fake Obituary Sites Send Grievers to Porn and Scareware Pages
Secureworks is warning of fake obituary sites which expose visitors to fake AV scams
The Hacker News
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Researchers uncover a sophisticated malware campaign using fake Google Sites pages and HTML smuggling to distribute AZORult, a notorious info stealer.
SC Magazine
Fake Google Docs on Google Sites launch AZORult infostealer campaign
Azorult infostealer aims to steal user credentials and credit card information via HTML smuggling.
HACKRead
Tycoon and Storm-1575 Linked to Phishing Attacks on US Schools
These groups launched phishing attacks using stealthy attack patterns to target officials at large US school districts, bypassing MFA protections.
Trend Micro
AI Auctions: Collectibles, Taylor Swift, Jordan Bots
Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia.
SecurityWeek
FCC Employees Targeted in Sophisticated Phishing Attacks
Advanced phishing kit employs novel tactics in attack targeting cryptocurrency platforms and FCC employees.
Bleeping Computer
Hackers target FCC, crypto firms in advanced Okta phishing attacks
A new phishing kit named CryptoChameleon is being used to target Federal Communications Commission (FCC) employees, using specially crafted single sign-on (SSO) pages for Okta that appear remarkably similar to the originals.
HACKRead
CryptoChameleon Phishing Scam Targets Crypto Users and FCC Employees
Lookout has discovered a phishing campaign, dubbed "CryptoChameleon," that mimics legitimate login pages for cryptocurrency platforms.
The Hacker News
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
Cryptocurrency users BEWARE! Sophisticated phishing kit actively impersonating major exchanges.
SecurityWeek
Cyber Insights 2024: APIs - A Clear, Present, and Future Danger
The API attack surface is expanding and API vulnerabilities are growing. AI will help criminals find and exploit API vulnerabilities at scale
Infosecurity News
PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGat
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
CyberNews
DarkGate gang using CAPTCHA to spread malware
Legal advertising tools are being leveraged by cybercriminals to conceal their illicit campaigns and track victims.
Security Affairs
Nation-state actors are using AI services and LLMs for cyberattacks
Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains.
Krebs on Security
U.S. Internet Leaked Years of Internal, Customer Emails
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing…
Cyber Security News
USB Malware Chained with Text Strings on Legitimate Websites Attacks Users
According to the reports shared with Cyber Security News, the threat actor begins the infection chain by delivering the USB drives to the victims by any means of social engineering.
Bleeping Computer
VexTrio TDS: Inside a massive 70,000-domain cybercrime operation
A previously unknown traffic distribution system (TDS) named 'VexTrio' has been active since at least 2017, aiding 60 affiliates in their cybercrime operations through a massive network of 70,000 sites.
SecurityWeek
Cybercrime's Silent Operator: The Unraveling of VexTrio's Malicious Network Empire
VexTrio is a massive and complex malicious TDS (traffic direction system) supporting numerous cybercriminal campaigns.
The Cyber Express
Dark Web’s Layer7Booter IP Stresser Now Threatens Public Internet Security
Layer7Booter, an IP Stresser previously confined to the dark web, has now surfaced on the open internet. This tool claims
Cyber Security News
Hackers Employ New Evasion Mechanisms to Bypass Security Solutions
Once a serene meadow, the digital landscape has morphed into a battleground where attackers and security vendors engage in a perpetual arms race.
DarkReading
Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks
Crimeware-as-a-service (CaaS) gang flies past CAPTCHAs, creating fraudulent accounts to sell to the likes of Scattered Spider; Microsoft mounts a counterattack.
The Record
Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse
The tech giant published two warnings about threats from hackers and described how it took down a Vietnam-based marketplace for fraudulent credentials.
HACKRead
Microsoft Busts Black Market for 100s of Millions of Fraudulent Accounts
Microsoft Threat Intelligence, partnered with cybersecurity firm Arkose’s ACTIR, conducted a large-scale operation against online fraudulent login markets, successfully taking down Hotmailbox.me.
Infosecurity News
Microsoft Targets Prolific Outlook Fraudster Storm-1152
Microsoft disrupts Vietnam based threat actor Storm-1152, who has sold 750 million fake accounts
Cyber Security News
Microsoft Seized Storm-1152 Websites Used to Sell Microsoft Products & Accounts
Hackers sell fake Microsoft products and accounts because it allows them to profit from illicit activities, taking advantage of unsuspecting users.
The Hacker News
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
Microsoft takes down a major cybercriminal group, Storm-1152, responsible for distributing 750 million fraudulent Microsoft accounts and tools.
Bleeping Computer
Microsoft seizes domains used to sell fraudulent Outlook accounts
Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals.
SC Magazine
Hiring? New scam campaign means ‘resume’ downloads may contain malware
Cybercriminals posing as job candidates are luring recruiters to install the “more_eggs” backdoor.
HACKRead
Fake Resumes, Real Malware: TA4557 Exploits Recruiters with Backdoor
Job seekers and recruiters should be vigilant for malicious emails and messages on LinkedIn, where TA4557 threat actors feign interest in a job, but their actual intent is to deliver a backdoor.
Infosecurity News
Threat Actor Targets Recruiters With Malware
Recruiters are warned to educate staff about surge in phishing attacks from threat group TA4557
CyberNews
Russian cyber gang mimics job candidates to steal data
Change of tactics involves building rapport with intended victims via convincing emails, says cybersecurity firm Proofpoint.
CSO
New malware is using direct emails to hunt the head-hunters
The new technique has the threat actor email malicious URLs directly to recruiters in response to job postings.
Bleeping Computer
UK and allies expose Russian FSB hacking group, sanction members
The UK National Cyber Security Centre (NCSC) and Microsoft warn that the Russian state-backed actor "Callisto Group" (aka "Seaborgium" or "Star Blizzard") is targeting organizations worldwide with spear-phishing campaigns used to steal account credentials and data.
HACKRead
Android Banking Malware FjordPhantom Steals Funds Via Virtualization
Currently, the FjordPhantom malware appears to be active in Southeast Asia, covering countries including Malaysia, Thailand, Indonesia, Singapore, and Vietnam.
HACKRead
68% of US Websites Exposed to Bot Attacks
The conclusion was reached after researchers evaluated over 9,500 of the largest transactional websites in terms of traffic, encompassing sectors such as banking, e-commerce, and ticketing businesses.
Cyber Security News
Is Your Online Store Hacked in a Carding Attack? Here's an Action Plan to Protect
Carding attacks primarily target information embedded in payment cards, such as credit or debit cards,The attackers, known as carders.
The Hacker News
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
The Hacker News
Researchers Expose Prolific Puma's Underground Link Shortening Service
Meet "Prolific Puma," the secretive threat actor behind a dangerous link shortening service with thousands of malicious domains used for phishing.
Bleeping Computer
Massive cybercrime URL shortening service uncovered via DNS data
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.
The Record
Russian hacking tool floods social networks with bots, researchers say
Low-skill cybercriminals are using a new tool to create hundreds of fake social media accounts in just a few seconds.
Trend Micro
How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime
This report explores the Kopeechka service and gives a detailed technical analysis of the service’s features and capabilities and how it can help cybercriminals to achieve their goals.
Ars Technica
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability
If a site is redirecting visitors to scam sites, it was likely hacked by Balada.
The Record
From AI with love: Scammers integrate ChatGPT into dating-app tool
Dubbed LoveGPT by researchers at Avast, the tool can get around dating apps' security measures, send likes, read replies from potential matches and create believable profiles.
Ars Technica
Dead grandma locket request tricks Bing Chat’s AI into solving security puzzle
"I'm sure it's a special love code that only you and your grandma know."
Cyber Security News
Magento Security Checklist: 8 Steps To a Secure Magento Store - 2023
Magento Security Checklist : 1. Update to the Latest Version 2. Ensure a Strong Password 3. Limit Magento Admin Login Attempts 4. Switch 2FA.
Bleeping Computer
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft 365 corporate accounts.
The Hacker News
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar AI models are empowering cybercriminals to launch damaging attacks on online businesses. Learn how they're leveraging these tools
Cyber Security News
Tor Announces Proof-of-Work Defense to Defend Against DoS Attacks
Tor has officially introduced a Proof-of-Work (PoW) mechanism in order to defend from attackers doing Denial of Service attacks.
Cyber Security News
New Phishing Attack Exploits Cloudflare R2 Hosting Service to Steal Cloud Passwords
Threat actors behind these phishing campaigns exploit Cloudflare R2's free hosting service. While apart from this, with the help of two exceptional techniques, the operators evade the scanners and URL analyzers.
The Hacker News
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
The use of Cloudflare R2 for hosting phishing pages has surged by 61x in just six months.
Cyber Security News
Industry Leading StormWall DDoS Protection — Now Even Better With Improved Client Portal
DDoS attacks pack a punch. The Ponemon Institute estimates that each minute of downtime during a DDoS assault rings in at a whopping $22,000. On top of that, recovery from such an attack can set back a small or midsize business by $120,000. Implementing robust DDoS protection isn’t optional — it’s a necessity. But it’s […]
The Hacker News
"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches
The enigmatic Team Bangladesh, a group of hacktivists, has carried out over 750 DDoS attacks and defaced 78 websites.
SecurityWeek
Google AMP Abused in Phishing Attacks Aimed at Enterprise Users
Threat actors are using Google AMP URLs in phishing campaigns aimed at enterprises as a new detection evasion tactic.
-1.webp)
Cyber Security News
Hackers Use Google AMP Pages to Bypass Enterprise Email Security Measures
A new phishing tactic was discovered that takes advantage of Google Accelerated Mobile Pages (AMP), bypassing email security infrastructure.
Bleeping Computer
Threat actors abuse Google AMP for evasive phishing attacks
Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to inboxes of enterprise employees.
CSO
Menlo turns up the HEAT on web browser attacks with new threat prevention suite
HEAT Shield and HEAT Visibility prevent attacks from infiltrating enterprise networks and provide actionable intelligence on threats.
Ars Technica
Report: OpenAI holding back GPT-4 image features on fears of privacy issues
GPT-4's image capabilities can recognize certain individuals, according to NYT.
The Hacker News
How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS
Generative AI poses major security risks to enterprises. Threat actors can exploit it to hack weak SaaS authentication protocols, jeopardizing sensiti
DarkReading
Human-Assisted CAPTCHA-Cracking Services Supercharge Shopper Bots
On-demand human solvers are now augmenting automated website cyberattacks, offering a better way around tougher anti-bot puzzles.
The Hacker News
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
Cybercriminals are breaking CAPTCHAs with ease! Discover the shocking truth behind the rise of CAPTCHA-breaking services
Bleeping Computer
How To Secure Web Applications Against AI-assisted Cyber Attacks
Artificial intelligence has brought forth a new era of innovation. However, its rise has also led to an evolving landscape of emerging cyber threats.
Infosecurity News
RTM Locker Gang Targets Corporate Environments with Ransomware
Trellix said the businesslike approach of the group shows its organizational maturity
DarkReading
1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs
A wide-ranging campaign to inject malicious code into WordPress-run websites has been ongoing for at least five years.
The Hacker News
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Summary: Balada Injector has been compromising WordPress sites since 2017, exploiting theme and plugin vulnerabilities.
Security Affairs
Threat actors abuse Adobe Acrobat Sign to distribute RedLine info-stealer
Threat actors are abusing the legitimate Adobe Acrobat Sign service to distribute the RedLine information stealer. Avast researchers reported that threat actors are abusing the legitimate Adobe Acrobat Sign service to distribute the RedLine information stealer. Adobe Acrobat Sign allows registered users to sign documents online and send a document signature request to anyone. This […]
Bleeping Computer
Adobe Acrobat Sign abused to push Redline info-stealing malware
Cybercriminals are abusing Adobe Acrobat Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users.
Ars Technica
OpenAI checked to see whether GPT-4 could take over the world
"ARC's evaluation has much lower probability of leading to an AI takeover than the deployment itself."
Ars Technica
Software for sale is fueling a torrent of phishing attacks that bypass MFA
Some forms of multi-factor authentication only go so far in preventing account takeovers.
Infosecurity News
DEV-1101 Updates Open Source Phishing Kit
The kit is written in NodeJS and has automated setup and detection evasion capabilities
Security Affairs
DEV-1101 AiTM phishing kit is fueling large-scale phishing campaigns
Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks. AiTM phishing allows threat actors to circumvent multifactor authentication (MFA) through reverse-proxy functionality. […]
The Hacker News
Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily
Microsoft Raises Alarm Over Hackers Using Phishing Kits to Send Millions of Malicious Emails Daily
Trend Micro
Hijacking Your Bandwidth How Proxyware Apps Open You Up to Risk
In this investigation, we analyzed several prominent "passive income" applications and found out that there may be security risks upon participating in these programs.
Cyber Security News
10 Best Firewall as a Service Providers (FWaaS) - 2023
Best Firewall as a Service Provider - Best FWaaS Solutions - 1. Perimeter81 2. Check Point NGFWs 3. Zscaler 4. Palo Alto Networks 5.CrowdSec
The Hacker News
Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages
Warning: A massive malware campaign has infected more than 4,500 WordPress websites and is redirecting their visitors to sketchy ad pages.
Cyber Security News
New 10 Best Web Application Firewall (WAF) - 2023
Best Web Application Firewall Solutions - 1.AppTrana, 2.Imperva Cloud WAF, 3.Cloudflare WAF, 4.F5 WAF, 5.Azure WAF, 6.Akamai , 7.Fortinet waf
Ars Technica
More than 4,400 Sophos firewall servers remain vulnerable to critical exploits
Exploiting vulnerability with 9.8 severity rating isn't particularly hard.
Bleeping Computer
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE) vulnerability.
CSO
How attackers might use GitHub Codespaces to hide malware delivery
A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.
Loading more articles....