A help desk phishing campaign targets an organization’s Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. […]
Category Archives: Security
Auto Added by WPeMatico
AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. […]
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible. […]
The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities. […]
AWS S3 bucket names are global with predictable names that can be exploited in “S3 bucket namesquatting” attacks to access or hijack S3 buckets. In this article, Varonis explains how these attacks work and how you can prevent them. […]
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. […]
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. […]
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. […]
1337 Services Gmbh, A Little Sunshine, AS210558, Breadcrumbs, Constella Intelligence, Cracked, domaintools, DreamDrive GmbH, Finn Alexander Grimpe, [email protected], finndev, floriaN, Florian Marzahl, HRB 164175, Intel 471, Krebs, Lucas Sohn, News, Northdata.com, Nulled, [email protected], Operation Talent, Security, Sellix, Shoppy Ecommerce Ltd, StarkRDP
Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?
04
Feb
Feb
The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of […]
Netgear has fixed two critical remote code execution and authentication bypass vulnerabilities affecting multiple WiFi routers and warned customers to update their devices to the latest firmware as soon as possible. […]