The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their site and infrastructure. […]
Passwords are Costing Your Organization Money – How to Minimize Those Costs
Getting rid of passwords completely isn’t a realistic option for most orgs, but there are things you can do to make them more secure. Learn more from Specops Software on maximizing security while mitigating costs. […]
What is Exposure Management and How Does it Differ from ASM?
Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets.
While there has been a bit of a backswing against the pricing and lock-in presented when using
While there has been a bit of a backswing against the pricing and lock-in presented when using
Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds.
“Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report
“Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report
Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets
More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show.
These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.
“The number of infected devices decreased slightly in mid- and late
These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.
“The number of infected devices decreased slightly in mid- and late
Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes
The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes.
The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report.
At least two campaigns taking advantage of this
The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report.
At least two campaigns taking advantage of this
Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers
A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems.
The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3.
“The
The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3.
“The
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions. […]
ScreenConnect flaws exploited to drop new ToddleShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddleShark. […]
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. […]