Threat actors uploaded malicious Python packages to the PyPI repository and promoted them through the StackExchange online question and answer platform. […]
Hackers abuse free TryCloudflare to deliver remote access malware
Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). […]
Convicted Russian Cybercriminals Included in Prisoner Swap
Two Russians serving time for insider trading, computer hacking and credit card theft were released in a prisoner swap deal with Moscow.
The post Convicted Russian Cybercriminals Included in Prisoner Swap appeared first on SecurityWeek.
UK takes down major ‘Russian Coms’ caller ID spoofing platform
The United Kingdom’s National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. […]
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. […]
Cencora confirms patient health info stolen in February attack
Pharmaceutical giant Cencora has confirmed that patients’ protected health information and personally identifiable information (PII) was exposed in a February cyberattack. […]
FBI warns of scammers posing as crypto exchange employees
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. […]
Alex Stamos Named CISO at SentinelOne
Longtime security executive Alex Stamos tapped by SentinelOne to manage its security engineering and operations teams.
The post Alex Stamos Named CISO at SentinelOne appeared first on SecurityWeek.
Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
“In a Sitting
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets.
“Upon installation, this code would execute automatically,
“Upon installation, this code would execute automatically,