Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational entities, government agencies, military bodies, and non-profit organizations, indicating the adversarial crew’s continued focus on high-value targets. Dark Pink, also called Saaiwc
Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had been abused by threat actors since October 2022 to backdoor the devices. The latest findings show that the critical vulnerability, tracked as CVE-2023-2868 (CVSS score: N/A), has been actively exploited for at least seven months prior to its discovery.
SeroXen RAT for sale
This blog was jointly written with Alejandro Prada and Ofer Caspi. Executive summary SeroXen is a new Remote Access Trojan (RAT) that showed up in late 2022 and is becoming more popular in 2023. Advertised as a legitimate tool that gives access to your computers undetected, it is being sold for only $30 for a […]
Barracuda Networks patches zero-day vulnerability in Email Security Gateway
On May 20, Barracuda Networks issued a patch for a zero day vulnerability in its Email Security Gateway (ESG) appliance. The vulnerability existed in a module which initially screens the attachments of incoming emails, and was discovered on May 19. Barracuda’s investigation showed that the vulnerability resulted in unauthorized access to a subset of email gateway […]
Web3 Needs A Truly Decentralized Infrastructure That IPFS Alone Cannot Deliver
By Waqas Web3, the next evolution of the internet, requires a truly decentralized infrastructure that goes beyond what IPFS (InterPlanetary File System) can offer on its own. This is a post from HackRead.com Read the original post: Web3 Needs A Truly Decentralized Infrastructure That IPFS Alone Cannot Deliver
BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration – post by LinkCyb
This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, and Diego Matos Martins. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. […]
SimpleTire Database Leak: Over 2.8 Million Records Exposed
By Habiba Rashid Despite Fowler’s efforts to responsibly disclose the issue, he received no response from the company. This is a post from HackRead.com Read the original post: SimpleTire Database Leak: Over 2.8 Million Records Exposed
Tenet and LayerZero Forge Cross-Chain LSD Adoption
By Owais Sultan Tenet and LayerZero Partner to Pioneer Cross-Chain Liquidity for Liquid Staking Derivatives. This is a post from HackRead.com Read the original post: Tenet and LayerZero Forge Cross-Chain LSD Adoption
Raidforums Database Leak: Data of 460,000 Users Dumped Online
By Waqas An analysis by Hackread.com indicates that the database is legitimate since it contains details of the forum’s founder, Omnipotent. This is a post from HackRead.com Read the original post: Raidforums Database Leak: Data of 460,000 Users Dumped Online
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. “Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this market demand have been created,” Trend Micro said in a report published last week. “These