Learn about 5 powerful cloud security automations with Blink Ops to simplify security operations like S3 bucket monitoring, subdomain takeover detection and failed EC2 login detection. […]
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group’s affiliate panel on the dark web.
Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
F5 BIG-IP Updates Patch High-Severity Elevation of Privilege Vulnerability
F5 has released patches for a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity bug in BIG-IQ.
The post F5 BIG-IP Updates Patch High-Severity Elevation of Privilege Vulnerability appeared first on SecurityWeek.
Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters
Cisco has released patches for multiple vulnerabilities in ATA 190 series firmware, including two high-severity flaws.
The post Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters appeared first on SecurityWeek.
Iranian Hackers Use Brute Force in Critical Infrastructure Attacks
Iranian threat actors use brute force techniques in attacks against critical infrastructure organizations, the US, Australia, and Canada warn.
The post Iranian Hackers Use Brute Force in Critical Infrastructure Attacks appeared first on SecurityWeek.
Brazilian Police Arrest Notorious Hacker USDoD
Brazil’s Federal Police announced the arrest of a hacker whose description matches that of the notorious leaker USDoD.
The post Brazilian Police Arrest Notorious Hacker USDoD appeared first on SecurityWeek.
Anonymous Sudan DDoS Service Disrupted, Members Charged by US
The DoJ has announced charges against Anonymous Sudan members and the disruption of their DDoS attack service.
The post Anonymous Sudan DDoS Service Disrupted, Members Charged by US appeared first on SecurityWeek.
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023.
The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,
The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks,
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.
The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.
“A security issue
The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.
“A security issue
Iranian hackers act as brokers selling critical infrastructure access
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. […]