Fraudsters Use HTML Legos to Evade Detection in Phishing Attack
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2021-29221PUBLISHED: 2021-04-09
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local...
Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time
By:
Feb 20, 2024The Hacker NewsWebinar / Incident Response
In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider...
400,000 Korean Credit Cards Leaked Overseas
SEOUL, June 8 (Yonhap) -- Details of some 900,000 credit cards held by South Koreans were leaked and traded on overseas online black markets, South Korea's credit association said...
CISA Analysis Reveals Successful Attack Techniques of FY 2020
The analysis shows potential attack paths and the most effective techniques for each tactic documented in CISA's Risk and Vulnerability Assessments.The Department of Homeland Cybersecurity and Infrastructure Security Agency...
New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack
By: Ravie Lakshmanan
An independent security researcher has shared what's a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to...
LockBit Ransomware’s Darknet Domains Seized in Global Law Enforcement Raid
Feb 20, 2024NewsroomDark Web / Cybercrime
Update: The U.K. National Crime Agency (NCA) has confirmed the takedown of LockBit infrastructure. Read here for more details.An international law enforcement operation has...
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
By:
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency...
EU regulator investigates Facebook for its 533M users’ data leak
An Irish regulator said on Tuesday it is investigating a recent Facebook data leak when 533M users’ data, such as phone numbers and locations, were made available online practically...
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
By:
Oct 31, 2023NewsroomCyber War / Malware
The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting...
Twitter alarms users with messages that resembled phishing emails
Written by Tim Starks Apr 23, 2021 |...