FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
The financially motivated threat actor known as FIN8 has been observed using a “revamped” version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to diversify its focus and maximize profits from infected entities. The […]
Effectively managing security budgets in a recession
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. How can you effectively manage a security budget in a recession? An economic downturn will likely impact your team, so you must prepare […]
Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges
Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography images. The development, first reported by DataBreaches.net last week, comes nearly four months after Fitzpatrick (aka pompompurin) was formally charged in the U.S. with conspiracy to commit access device
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites
Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an
JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach
A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary “gained unauthorized access to our systems to target a small and specific set of our customers,” Bob Phan, chief information security officer (CISO) at JumpCloud, said in […]
Act now! In-the-wild Zimbra vulnerability needs a workaround
Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. In a security update about the vulnerability, the company offered a temporary workaround which users can apply while waiting for a patch to be created. Zimbra is an open source webmail application used […]
Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew
The language of a data breach, no matter what company gets hit, is largely the same. There’s the stolen data—be it email addresses, credit card numbers, or even medical records. There are the users—unsuspecting, everyday people who, through no fault of their own, mistakenly put their trust into a company, platform, or service to keep […]
NEAR APAC 2023: Vietnam’s Largest Blockchain Conference on the Horizon
By Waqas With a whopping 8,000 participants expected to attend, NEAR APAC will bring together a diverse community of stakeholders… This is a post from HackRead.com Read the original post: NEAR APAC 2023: Vietnam’s Largest Blockchain Conference on the Horizon
Xangle and Republic Crypto Collaborate to Boost Asian Web3 Adoption
By Waqas South Korean Web3 Leader Xangle Joins Forces with US Firm Republic Crypto in Strategic Partnership. This is a post from HackRead.com Read the original post: Xangle and Republic Crypto Collaborate to Boost Asian Web3 Adoption
Database Mess Up Exposed PII and Photos of 2.3M Dating App Users
By Habiba Rashid Alarmingly, the leaked data also contained 969,571 images of users, some of which were sexually explicit in nature. This is a post from HackRead.com Read the original post: Database Mess Up Exposed PII and Photos of 2.3M Dating App Users