21 matches found
Top 10 Threat Actors: Their Tactics & Motivations
The world of cybercrime has its own cast of characters, each with a unique script. Some are patient spies, like state-sponsored groups that move silently within a network for months to gather intelligence. Others are loud and aggressive, like ransomware gangs that operate like ruthless businesses...
SpaceX, CNN, and The White House internal data allegedly published online. Is it real?
A cybercriminal has released internal data online that they say has come from leaks at several high-profile sources, including SpaceX, CNN, and the White House. However, there are some questions around the reliability and usefulness of the released data, so we took a closer look. When it comes to...
In-Depth Analysis of NoEscape Ransomware
Summary: The NoEscape ransomware, suspected to be a rebrand of Avaddon, targets enterprises globally through multi-extortion attacks. Operating as Ransomware-as-a-Service, it encrypts files, changes wallpapers, a...
Storm-0978 attacks reveal financial and espionage motives
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have...
2022 holiday DDoS protection guide
The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays, for example, more sales for retailers and more players for gaming companies. Unfortunately, cyb...
Verizon: Pandemic Ushers in ⅓ More Cyber Misery
Thanks for just showing up, said the team that cranked out the Verizon 2021 Data Breach Investigations Report (DBIR). It’s quite the accomplishment that we all made it through the “often frightening and always unpredictable dystopian wasteland that was 2020,” the carrier noted, with cybersecurity...
Meow Attack: A Reminder for Organizations to Identify and Secure Their Databases
Thousands of unsecured internet-facing databases have fallen prey to the “Meow” attack and have been permanently destroyed. Meow attacks replace the original index with a newly created one with the suffix “-meow”. With no ransomware demands or any other explanatory note, the attackers seem to hav...
The Twitter Hack Could Have Been Much Worse—and Maybe Was
The meltdown appears to be part of a bitcoin scam and not something more nefarious, but security experts are troubled that it happened at all...
DOJ Says Chinese Hackers Attacked Anthem, but Not Why
For years, China was rumored to be behind the health insurance company's massive data breach, but now the Justice Department is noticeably silent on the hackers' motives and affiliation...
Evil TeamViewer Attacks Under the Guise of the U.S. State Department
UPDATE A targeted, email-borne attack against embassy officials and government finance authorities globally is making use of a malicious attachment disguised as a top-secret U.S. document. It weaponizes TeamViewer, the popular remote-access and desktop-sharing software, to gain full control of th...
ShadowBrokers Remain an Enigma
LAS VEGAS—Clarity and the ShadowBrokers are strange bedfellows. We’re closing in on the first anniversary of the mysterious group’s initial dump of NSA hacking tools and we’re still no closer to understanding who they are, where they got their stuff, and what their true motivations are. Instead a...
[SECURITY] Fedora 24 Update: kf5-knewstuff-5.24.0-1.fc24
KDE Frameworks 5 Tier 3 module for downloading and sharing additional application data like plugins, themes, motives, etc...
Windows Zero-Day Vulnerability, CVE-2016-0167: the attack Payment Card data - vulnerability warning - the black bar safety net
In March 2016, there was a batch of financially motivated attacks targeting the retail, foodservice and hospitality industries. In these attacks, the messages contained a large number of Microsoft Word documents with embedded macros; once downloaded it will execute a named...
Personal Data of 50 Million Turkish Citizens Leaked Online
Personal details of nearly 50 Million Turkish citizens, including the country's President Recep Tayyip Erdogan, have been compromised and posted online in a massive security breach. A database, which contains 49,611,709 records, appeared on the website of an Icelandic group on Monday, offering...
Size, Funding of Bank DDoS Attacks Grow in Third Phase
The resumption this week of distributed denial of service attacks against major U.S. banks brought not only more cost and disruption to financial institutions trying to keep online services available, but it also raised new questions about the funding and true motives behind the attacks. A number of...
Dutch Government Sets Sept. 28 Kill Date for DigiNotar Certs
Adobe said on Friday that its products would soon reject certificates issued by the disgraced Dutch certificate authority DigiNotar following the Dutch government’s decision, Friday, to revoke DigiNotar PKIoverheid CA certificates used by government agencies on September 28. The news sets an...
Dutch Site Claims Mozilla, Yahoo, WordPress, Tor Project All Targets in DigiNotar Attack
There are more signs that a July compromise of DigiNotar, a certificate authority based in the Netherlands, may have been driven by political motives. A Dutch Web site, nu.nl, reported on Wednesday that digital certificates belonging to Mozilla, Yahoo.com, WordPress and The Tor Project were among...
FBI raids on 40 Anonymous hackers!
The FBI would have conducted 40 raids yesterday and seized the computers of members of the loosely organized group of hackers known as Anonymous. Several members have posted their stories in online forums, including images of kicking in doors. The FBI has seized every computer in every house and...
Skunkware 2.0 - view-source Directory Traversal
source: https://www.securityfocus.com/bid/2251/info view-source is a script included with the httpd package bundled with Skunkware 2.0. Skunkware 2.0 is a variant of the UNIX Operating System distributed by Santa Cruz Operations. A problem with the...