16 matches found
Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack
The recent discovery of a website supply chain attack using the cdn.polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become the epicenter of a significant website supply...
Pakistan-linked hackers targeted Indian power company with ReverseRat
A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. "Most of the organizations that exhibited signs of compromise were...
Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication
FireEye Email Security recently encountered various phishing campaigns, mostly in the Americas and Europe, using source code obfuscation with compromised or bad domains. These domains were masquerading as authentic websites and stole personal information such as credit card data. The stolen...
Operation North Star: Behind The Scenes | McAfee Blogs
ARCHIVED STORY Operation North Star: Behind The Scenes Christiaan Beek · NOV 05, 2020 Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware...
Bitcoin Bomb Scare Associated with Sextortion Scammers
This blog was written by Jaeson Schultz. Organizations across the country are on edge today after a flurry of phony bomb threats hit several public entities Thursday, such as universities, schools and news outlets, among others. The attackers distributed malicious emails claiming to have placed...
Who’s In Your Online Shopping Cart?
Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that was obvious even to the untrained eye. These days, a...
Graffiti in the digital world: How hacktivists use defacement
Activists have been featured more frequently in the news lately, with marches shining the spotlight on women's rights and bringing about an end to gun violence, to name a few. However, the real world isn't the only place where activism happens. The digital realm has become a critical space for...
New Dridex Variant Emerges With An FTP Twist
A variant of the Dridex banking trojan recently popped up in an email campaign, with an unusual twist: The attackers used compromised FTP sites for hosting malicious documents, according to researchers at Forcepoint. It was a notable departure from the norm of using HTTP links and could represent...
Amazon Same Day Credential Shipping
FireEye has identified a campaign involving phishing websites that appear as legitimate Amazon sites. Amazon is the largest online retailer and threat actors frequently target its customers. In this attack, a person browsing the internet would be directed to authentic looking – yet fake – Amazon...
Oil, Energy Watering Hole Attacks Linked to DOL attack
A string of watering hole attacks targeting oil and energy companies dating back to May could be linked to similar attacks against the U.S. Department of Labor website. Researchers at Cisco discovered the compromised domains of 10 oil and energy companies worldwide, including hydroelectric plants...
Malware Poses as Faux Adobe Flash Update
Cybercriminals are perpetrating a spam campaign by sending out emails with malicious attachments containing a Pony downloader that uploads a Zeus Trojan to victim machines while also leading users to a number of compromised domains housing fake Adobe Flash Player updates in order to dupe the...
Anonymous IRC networks - irc.anonops.net & irc.anonops.ru Hacked !
Anonymous IRC networks - irc.anonops.net & irc.anonops.ru Hacked ! Message By Anonymous : Dear Users of the AnonOps Network, We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named "Ryan". He decided that he didn't like the leaderless...
High Profile Education, Government Sites Hacked
The Web sites of some of the nation’s top universities were discovered to be serving up links to bogus online stores offering everything from popular software by Microsoft to student visas and Viagra, according to a report from security firm zScaler. Portions of Websites belonging to Harvard...
Storm Botnet Returns as Part of New Year's Attacks
A new spam campaign that appeared shortly before the New Year is part of a new effort by the crew behind the Storm/Waledac botnet and is using some rather elementary tactics–in combination with fast-flux–to attempt to compromise unsuspecting users. The new attack emerged late last week and is...
Report: Phishing Activity is Down (And That's A Bad Thing)
The number of phishing attacks declined in the first half of 2010, but a report from the Anti Phishing Working Group warns that might not be such a good thing. The group released its Global Phishing Survey on Monday covering the first six months of 2010. Overall, the survey reported a steep decli...
The Microsoft MsVidCtl Video Control Flaw Explained
From Websense Security Labs The recently publicized Zero-Day Vulnerability in Microsoft DirectShow is in the wild and spreads through infection of thousands of legitimate Web sites. The proof-of-concept of the vulnerability is out and exploitation is very easy to achieve. In our labs we have been...