
Cyberattacks

Blacktail: Unveiling the tactics of a notorious cybercrime group

In recent months, a cybercrime group known as Blacktail has begun to make headlines as it continues to target organizations around the globe. The group was first spotted by the Unit 42 team at Palo Alto Networks earlier this year. Since February, the group has launched multiple attacks as part of its latest ransomware campaign, labeled Buhti.

CrowdStrike Takes On Spyboy's "Terminator"

On May 21, 2023, a new threat actor named Spyboy emerged, advertising a tool known as "Terminator" on a Russian-language forum and claiming the software could bypass over 20 common AV and EDR controls. CrowdStrike automatically blocked this executable, categorizing it as a high-severity detection, enabled by our AI-powered indicators of attack.

SolarWinds' Head Refuses to Back Down Amid Potential US Regulatory Action over Russian Hack

According to an internal email obtained by CNN, the CEO of SolarWinds informed employees on Friday that the company plans to vigorously defend itself against potential legal action from US regulators over its handling of the 2020 breach by alleged Russian hackers.

BlackLotus bootkit patch may bring "false sense of security", warns NSA

The NSA has published a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protected against the threat. The BlackLotus UEFI bootkit made a name for itself in October 2022, when it was seen being sold on cybercrime underground forums for $5,000.

Featured Post

Exploiting ancient vulnerabilities: How did the 3CX supply chain attack occur and what can we learn from it?

On March 29th, North Korea-linked threat actors targeted 3CX, a VoIP IPX developer, exploiting a 10-year-old vulnerability (CVE-2013-3900) that made executables appear to be legitimately signed by Microsoft when, in fact, they were being used to distribute malware. The 3CX attack is just the latest in a series of high-profile supply chain attacks over the past year. The SolarWinds attack compromised the Orion system, affecting thousands of organizations, and the Kaseya VSA attack, which was used to deliver REvil ransomware to thousands of organizations as well, is considered one of the largest security breaches of the 21st century.

Account takeover attacks: the viewpoint of a threat intelligence expert

Account takeover happens when someone tries to steal a user account. Any service offering authentication can face it, since an attacker only has to test pairs of usernames and passwords. Zack Allen joins us to share his experience protecting organizations that faced massive account takeover, describes the criminal and financial motivation of attackers, the methods they use to hide, and how they move from a database leak to a compromised account. We show the tools that attackers most commonly use. Finally, we discuss how to detect account takeover and protect your organization against it.

How Cybercriminals Are Using AI for Cyberattacks

Cybercriminals are using AI to carry out various cyberattacks, including password cracking, phishing emails, impersonation and deepfakes. It's important that you understand how cybercriminals are using AI to their advantage so you can better protect yourself and your family, as well as your accounts and data. Continue reading to learn about AI-enabled cyberattacks and what you can do to keep yourself safe.

A step-by-step guide to preventing credit card skimming attacks

If you read the news, you've encountered the term "Magecart" multiple times in recent years. The term refers to several hacker organizations that use online skimming methods to steal personal information from websites, most frequently customer information and credit card details from websites that take online payments.

UK Attacker Responsible for a Literal "Man-in-the-Middle" Ransomware Attack Is Finally Brought to Justice

The recent conviction of a U.K. man for cybercrimes committed in 2018 brings to light a cyberattack in which the attacker manually performed the "in-the-middle" part of the attack. We've all heard of a "Man-in-the-Middle" (MitM) attack, more recently also called a "Manipulator-in-the-Middle" attack.

Breakdown of an Impersonation Attack: Using IPFS and Personalization to Improve Attack Success

Details from a simple impersonation phishing attack show how well thought-out these attacks really are, in order to heighten their ability to fool victims and harvest credentials. Credential harvesting scams are pretty simple at face value: send an email that links to a spoofed login page or website, and let the credentials roll on in.