The United Kingdom’s National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. […]
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. […]
Cencora confirms patient health info stolen in February attack
Pharmaceutical giant Cencora has confirmed that patients’ protected health information and personally identifiable information (PII) was exposed in a February cyberattack. […]
FBI warns of scammers posing as crypto exchange employees
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. […]
Alex Stamos Named CISO at SentinelOne
Longtime security executive Alex Stamos tapped by SentinelOne to manage its security engineering and operations teams.
The post Alex Stamos Named CISO at SentinelOne appeared first on SecurityWeek.
Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets.
“Upon installation, this code would execute automatically,
“Upon installation, this code would execute automatically,
New Android Banking Trojan BingoMod Steals Money, Wipes Devices
Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware.
Italian cybersecurity firm Cleafy, which discovered the RAT towards the end of May 2024, said the malware is under active development. It attributed the
Italian cybersecurity firm Cleafy, which discovered the RAT towards the end of May 2024, said the malware is under active development. It attributed the
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances
Shadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.
Endari Emerges From Stealth With Cybersecurity Solutions for Startups
Endari has emerged from stealth mode with cybersecurity solutions for SMBs and startups and with $4 million in seed funding.
The post Endari Emerges From Stealth With Cybersecurity Solutions for Startups appeared first on SecurityWeek.