GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. Headquartered in Scottsdale, Arizona, the Internet domain registrar and web hosting company claims to have over […]
Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target […]
Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […]
The UK’s National Cyber Security Centre (NCSC) is warning of cyber attacks against UK universities and scientific institutes involved in COVID-19 research. The UK’s National Cyber Security Centre (NCSC) warned of targeted attacks against UK universities and scientific facilities that are involved in the COVID-19 research. The NCSC reported that nation-state actors are carrying out cyber […]
Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organization using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […]
On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. LineageOS is a free and open-source operating system for smartphones, tablet computers, and set-top boxes, […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards â VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Coronavirus-themed attacks April 19 â April 25, 2020 Crooks target US universities with malware used by nation-state actors Hackers exploit SQL injection zero-day […]
Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […]
Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the […]
US power grid will not include any equipment manufactured by foreign states for security reasons, this states the executive order signed by President Trump. This week President Trump signed an executive order that prohibits operators of US power grids to buy and install electrical equipment that has been manufactured outside the US. “I further find that […]