Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
By: Ravie Lakshmanan
A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an...
Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second
By: Ravie Lakshmanan
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the...
Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
By: Ravie Lakshmanan
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022.
Dubbed Panchan by Akamai Security...
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
By: Ravie Lakshmanan
An unpatched security issue in the Travis CI API has left tens of thousands of developers' user tokens exposed to potential attacks, effectively allowing threat actors to...
HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems
By: Ravie Lakshmanan
Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote...
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
By: Ravie Lakshmanan
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical...
U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack
By: Ravie Lakshmanan
The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety...
Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware
By: Ravie Lakshmanan
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems.
The mass email campaign...
Chinese “Override Panda” Hackers Resurface With New Espionage Attacks
By: Ravie Lakshmanan
A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information.
"The Chinese...
Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
By: Ravie Lakshmanan
A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022.
Threat intelligence...
