Lucene search
K

16 matches found

Imperva Blog
Imperva Blog
added 2024/07/01 11:42 p.m.28 views

Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack

The recent discovery of a website supply chain attack using the cdn.polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become the epicenter of a significant website supply...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/23 2:36 p.m.42 views

Pakistan-linked hackers targeted Indian power company with ReverseRat

A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. "Most of the organizations that exhibited signs of compromise were...

0.8AI score
Exploits0
FireEye
FireEye
added 2021/01/26 12:0 a.m.66 views

Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication

FireEye Email Security recently encountered various phishing campaigns, mostly in the Americas and Europe, using source code obfuscation with compromised or bad domains. These domains were masquerading as authentic websites and stole personal information such as credit card data. The stolen...

6.8AI score
Exploits0References1
Trellix
Trellix
added 2020/11/05 12:0 a.m.11 views

Operation North Star: Behind The Scenes | McAfee Blogs

ARCHIVED STORY Operation North Star: Behind The Scenes Christiaan Beek · NOV 05, 2020 Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2018/12/14 9:57 a.m.346 views

Bitcoin Bomb Scare Associated with Sextortion Scammers

This blog was written by Jaeson Schultz. Organizations across the country are on edge today after a flurry of phony bomb threats hit several public entities Thursday, such as universities, schools and news outlets, among others. The attackers distributed malicious emails claiming to have placed...

1.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/11/04 7:10 p.m.120 views

Who’s In Your Online Shopping Cart?

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. In Internet ages past, this often meant obfuscating it as giant blobs of gibberish text that was obvious even to the untrained eye. These days, a...

6.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/04/25 9:34 p.m.29 views

Graffiti in the digital world: How hacktivists use defacement

Activists have been featured more frequently in the news lately, with marches shining the spotlight on women's rights and bringing about an end to gun violence, to name a few. However, the real world isn't the only place where activism happens. The digital realm has become a critical space for...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2018/01/19 1:45 p.m.57 views

New Dridex Variant Emerges With An FTP Twist

A variant of the Dridex banking trojan recently popped up in an email campaign, with an unusual twist: The attackers used compromised FTP sites for hosting malicious documents, according to researchers at Forcepoint. It was a notable departure from the norm of using HTTP links and could represent...

0.0189EPSS
Exploits0References4
FireEye
FireEye
added 2016/07/19 4:45 p.m.12 views

Amazon Same Day Credential Shipping

FireEye has identified a campaign involving phishing websites that appear as legitimate Amazon sites. Amazon is the largest online retailer and threat actors frequently target its customers. In this attack, a person browsing the internet would be directed to authentic looking – yet fake – Amazon...

0.7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/09/19 3:55 p.m.52 views

Oil, Energy Watering Hole Attacks Linked to DOL attack

A string of watering hole attacks targeting oil and energy companies dating back to May could be linked to similar attacks against the U.S. Department of Labor website. Researchers at Cisco discovered the compromised domains of 10 oil and energy companies worldwide, including hydroelectric plants...

10CVSS0.93688EPSS
Exploits29References10
ThreatPost
ThreatPost
added 2013/01/25 4:14 p.m.13 views

Malware Poses as Faux Adobe Flash Update

Cybercriminals are perpetrating a spam campaign by sending out emails with malicious attachments containing a Pony downloader that uploads a Zeus Trojan to victim machines while also leading users to a number of compromised domains housing fake Adobe Flash Player updates in order to dupe the...

1.7AI score
Exploits0References7
The Hacker News
The Hacker News
added 2011/05/09 5:18 a.m.9 views

Anonymous IRC networks - irc.anonops.net & irc.anonops.ru Hacked !

Anonymous IRC networks - irc.anonops.net & irc.anonops.ru Hacked ! Message By Anonymous : Dear Users of the AnonOps Network, We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named "Ryan". He decided that he didn't like the leaderless...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/01/13 3:11 p.m.14 views

High Profile Education, Government Sites Hacked

The Web sites of some of the nation’s top universities were discovered to be serving up links to bogus online stores offering everything from popular software by Microsoft to student visas and Viagra, according to a report from security firm zScaler. Portions of Websites belonging to Harvard...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/01/02 6:22 p.m.15 views

Storm Botnet Returns as Part of New Year's Attacks

A new spam campaign that appeared shortly before the New Year is part of a new effort by the crew behind the Storm/Waledac botnet and is using some rather elementary tactics–in combination with fast-flux–to attempt to compromise unsuspecting users. The new attack emerged late last week and is...

6.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/10/21 2:45 p.m.4 views

Report: Phishing Activity is Down (And That's A Bad Thing)

The number of phishing attacks declined in the first half of 2010, but a report from the Anti Phishing Working Group warns that might not be such a good thing. The group released its Global Phishing Survey on Monday covering the first six months of 2010. Overall, the survey reported a steep decli...

0.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2009/07/10 2:21 p.m.5 views

The Microsoft MsVidCtl Video Control Flaw Explained

From Websense Security Labs The recently publicized Zero-Day Vulnerability in Microsoft DirectShow is in the wild and spreads through infection of thousands of legitimate Web sites. The proof-of-concept of the vulnerability is out and exploitation is very easy to achieve. In our labs we have been...

2.3AI score
Exploits0References3
Rows per page
Query Builder