QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware’s infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed that 25% of its C2 servers are only active […]
Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
By Habiba Rashid Aquasec Investigation Exposes Alarming Rise in Kubernetes Misconfigurations Leading to Catastrophic Breaches. This is a post from HackRead.com Read the original post: Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. “Cloudflared is functionally very similar to ngrok,” Nic Finn, a senior threat intelligence analyst at GuidePoint Security, said. “However, Cloudflared differs from ngrok in that it provides a lot more usability for […]
The impact of blockchain technology on the future of shipping and logistics
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Photo by Tom Fisk Many industries are experiencing rapid growth thanks to the seemingly overnight advancement of new technologies. Artificial intelligence, for example, […]
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times, they are a’changin’ – and a few years back, Microsoft introduced Azure […]
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversary of likely Vietnamese origin. “The threat actor uses an uncommon technique […]
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities. “LOLBAS is an attack method that uses binaries and scripts that are already part of the system for malicious purposes,” Pentera security researcher Nir Chako said. “This makes it hard for security teams
TikTok facing fines for violating children’s privacy
The European Data Protection Board is expected to fine TikTok for violating the privacy of young children within the next four weeks. The European Data Protection Board said a binding decision has been reached over TikTok’s processing of children’s data, after the ByteDance-owned app submitted legal objections to an earlier ruling in Ireland, the home […]
FCC comes down hard on robocallers with record $300m fine
Robocallers are in the news after the FCC issued a $300 million forfeiture to a persistent offender and shut down their operation. A robocall network makes use of automated software diallers to spam out large numbers of cold calls to unsuspecting recipients. These calls promise much but give very little. Anyone taking the bait stands […]
LetMeSpy Android Spyware Service Shuts Down After Data Breach
By Waqas LetMeSpy Faces Demise After Devastating Data Breach: Spyware Service Shuts Down Amidst Massive User Data Compromise. This is a post from HackRead.com Read the original post: LetMeSpy Android Spyware Service Shuts Down After Data Breach