New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

By Deeba Ahmed The backdoors used in this campaign are never-before-seen malware strains called CommonMagic and PowerMagic. This is a post from HackRead.com Read the original post: New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

/ March 26, 2023

Hackers Inject Weaponized JavaScript (JS) on 51,000 Websites

Researchers from Unit 42 have been monitoring a widespread campaign of harmful JavaScript (JS) injections. The campaign aims to redirect unsuspecting victims to dangerous content, including adware and fraudulent pages. Websites continue to be infected by this threat in 2023,...

/ March 25, 2023

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals

In what’s a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. “All of the NCA-run sites,...

/ March 25, 2023

Understanding metrics to measure SOC effectiveness

The security operations center (SOC) plays a critical role in protecting an organization’s assets and reputation by identifying, analyzing, and responding to cyberthreats in a timely and effective manner. Additionally, SOCs also help to improve overall security posture by providing...

/ March 24, 2023

North Korean hackers infiltrate individuals and corporations using sophisticated hacking attacks

North Korean hackers are notorious for infiltrating individuals and corporations through sophisticated hacking attacks. The German Federal Office for the Protection of the Constitution and the National Intelligence Service of the Republic of Korea (NIS) have issued a statement that...

/ March 24, 2023

Resolving prioritization issues faced by modern AppSec teams with EASM

The post Resolving prioritization issues faced by modern AppSec teams with EASM appeared first on Detectify Blog.

/ March 17, 2023

Applying Strategic Thinking in Your Pentesting Program

The Synack Platform & Five Pillars of Strategic Pentesting Why You Need to Think Strategically It’s no great revelation that tactics, techniques, and procedures utilized by nefarious hackers hacking activities are evolving on a daily basis. In 2022, 18,828 common...

/ March 15, 2023
Hackers Abusing Microsoft Dynamics 365 Customer Voice to Steal Credentials

Hackers Abusing Microsoft Dynamics 365 Customer Voice to Steal Credentials

Check Point Software company Avanan has shared details of how hackers are trying to abuse Dynamics 365 Customer Voice in their recent findings. According to Avanan’s research, threat actors abuse authentic-looking links from Microsoft notifications to deliver credential-stealing pages. The...

/ November 5, 2022
Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started...

/ November 5, 2022
Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the...

/ November 5, 2022
DDoS Attack From Killnet Threat Group Frustrated By The US Treasury

DDoS Attack From Killnet Threat Group Frustrated By The US Treasury

Posted on November 5, 2022 at 6:02 AM The US Treasury Department stated recently that it blocked a distributed denial of service (DDoS) attack linked to the Russian hacktivist group Killnet. The same group claimed responsibility for hitting on over...

/ November 5, 2022