New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto’s account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure. “Because of the uncertainty of Bitcoin transactions, this technique is more unpredictable than using...

/ August 8, 2022
Hackers Exploited Twitter Zero-day Bug to Expose 5.4 Million Accounts

Over 5.4 million Twitter user accounts a threat actor compiled profiles in order to create a list of the accounts. Using this ID, the threat actor then scraped the public information associated with this account to create a threat model. ...

/ August 7, 2022
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. “This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware...

/ August 7, 2022
Twitter Confirms Data Breach as 5.4M Accounts Sold on Hacker Forum

Twitter was forced to investigate the incident when a hacker offered the personal details of 5.4 million Twitter users on a hacker forum for $30,000 last month. On Friday, Twitter confirmed that a threat actor exploited a vulnerability that risked...

/ August 7, 2022
Dark Utilities – A C2aaS Platform Leveraged By Hackers To Implant Malware

Dark Utilities is a new service that has been discovered recently by security researchers at Cisco Talos. In order to set up a C2 center for their malicious operations, cybercriminals can use this service to provide them with an easy...

/ August 6, 2022
Microsoft bars Tutanota users from registering MS Teams accounts

According to a Microsoft spokesperson, it will not be possible to change the current situation with Tutanota. Tutanota has over 2 million registered users but Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. For your...

/ August 6, 2022
Hackers Exploit Twitter Vulnerability to Expose 5.4 Million Accounts

Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. “As a result of the vulnerability, if someone submitted an email address or phone number...

/ August 6, 2022
H1-702 Las Vegas Day 3: Switching Up Scopes

It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads down since the get-go. This is day one of a two...

/ August 6, 2022
H1-702 Las Vegas Day 4: Switching Up Scopes

It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads down since the get-go. This is day one of a two...

/ August 6, 2022
Protect Your Microsoft Email Account From This New Large-Scale Phishing Attack

Posted on August 5, 2022 at 7:09 PM. Security researchers at Zscaler’s ThreatLabz group have uncovered a large-scale phishing campaign that utilizes the adversary-in-the-middle (AiTM) attack method to bypass multi-factor authentication (MFA). The researchers stated that the main goal of...

/ August 5, 2022
Anonymous Source Leaks 4TB of Cellebrite Data After Cyberattack

Cellebrite is an Israel-based smartphone hacking (or cracking) firm that previously made headlines for unlocking iPhone devices for law enforcement and security agencies in the United States. An anonymous source has leaked around 4TB of proprietary data belonging to Israeli...

/ August 5, 2022
Overheard at the CISO Table: 4 Takeaways From Dinner Discussions

Wade Lance is the Field CISO for Synack. Picture this: You’re seated at a dinner table surrounded by a dozen security leaders. Appetizers are on the way, and the conversation starts to pick up. Your neighbor says something about the...

/ August 5, 2022