Codefinger hackers target Amazon S3 buckets with encryption attacks
The attacks rely on AWS's Server-Side Encryption with Customer-Provided Keys (SSE-C) feature.
Cybersecurity News - Page 98
North Korean Nickle Tapestry group linked to fraudulent crowdfunding campaigns
Nickle Tapestry orchestrated a scam on the IndieGoGo crowdfunding platform in 2016.
Global brute-force attacks target Microsoft 365 accounts using FastHTTP Go library
The brute-force attempts have resulted in account takeovers approximately 10% of the time.
Microsoft patches over 160 vulnerabilities, including 3 actively exploited zero-days
The three zero-day flaws allow attackers to escalate their privileges to SYSTEM-level access.
UK domain registrar Nominet compromised via Ivanti zero-day
The company said that it currently has no evidence of a data breach and that no backdoors were found on its systems.
Global police op removes Chinese-backed PlugX malware from thousands of infected computers
The malware campaign has been attributed to a China-backed threat actor tracked as Mustang Panda or Twill Typhoon.
Fortinet firewalls mass exploited, possible zero-day may be involved
The campaign involves unauthorized admin access to the management interfaces of firewalls, creating new accounts, altering configurations, and exploiting VPN services.
Russia-linked cyber espionage campaign targets Kazakhstan
The recent UAC-0063 campaign involves sophisticated spear-phishing attacks leveraging malware strains known as HATVIBE and CHERRYSPY.
Critical Aviatrix Controller flaw exploited to install backdoors and cryptominers
The vulnerability allows attackers to escalate privileges and gain full control of cloud resources.
Over 4K active hacker backdoors found in expiring or abandoned domains
Several of the web shells had been backdoored by their original maintainers, leaking critical information.
Showing elements 971 - 980