The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. […]
Okta warns of credential stuffing attacks targeting its CORS feature
Okta warns that a Customer Identity Cloud (CIC) feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. […]
Check Point Warns of Zero-Day Attacks on its VPN Gateway Products
Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild.
Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.
“The vulnerability potentially allows an attacker to read certain information on
Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.
“The vulnerability potentially allows an attacker to read certain information on
Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha.
The malware is “specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure,” French cybersecurity company HarfangLab
The malware is “specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure,” French cybersecurity company HarfangLab
Check Point releases emergency fix for VPN zero-day exploited in attacks
Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. […]
U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams
The U.S. Department of Justice (DoJ) has sentenced a 31-year-old to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams.
Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023.
According to court documents, Mullings is said to have opened 20 bank accounts in the name of
Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023.
According to court documents, Mullings is said to have opened 20 bank accounts in the name of
New Research Warns About Weak Offboarding Management and Insider Risks
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks.
Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly. Failing to quickly and thoroughly remove access for
Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly. Failing to quickly and thoroughly remove access for
Microsoft Uncovers ‘Moonstone Sleet’ — New North Korean Hacker Group
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group.
“Moonstone Sleet is observed to set up fake companies and
“Moonstone Sleet is observed to set up fake companies and
BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?
The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure.
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site’s online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site’s online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
First American December data breach impacts 44,000 people
First American Financial Corporation, the second-largest title insurance company in the United States, revealed on Tuesday that a December cyberattack led to a breach impacting 44,000 individuals. […]