Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that’s capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to a Russian nation-state actor known as Turla, which is
Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats
Microsoft on Wednesday announced that it’s expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. The tech giant said it’s making the change in direct response to increasing frequency and evolution of nation-state cyber
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. “P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms,” Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. “This
Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability
Adobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild. The critical shortcoming, tracked as CVE-2023-38205 (CVSS score: 7.5), has been described as an instance of improper access control that could result in a security bypass. It impacts the […]
Docker Hub images found to expose secrets and private keys
Numerous Docker images shared on Docker Hub are exposing sensitive data, according to a study conducted by researchers at the German university RWTH Aachen. Needless to say, this poses a significant security risk. In traditional software development, programmers code an application in one computing environment only to find bugs or errors when it’s deployed in another […]
Plane sailing for ticket scammers: How to keep your flight plans safe
You may be getting ready to jump on a plane and head off for a few days or weeks of rest and relaxation. So the last thing you need before flying is a technology related horror show. Sadly, scammers are aware of families getting ready to hit the skies, and have tailored their threats accordingly. […]
Instagram Insights Explained: Why Instagram Average Engagement Rate Matters
By Owais Sultan Instagram insight is a great way to track your progress and campaigns. Discover the importance of Instagram engagement… This is a post from HackRead.com Read the original post: Instagram Insights Explained: Why Instagram Average Engagement Rate Matters
Dark.IoT & Custom Botnets Exploit Zyxel Flaw in DDoS Attacks
By Waqas The DDoS attacks have been observed in various regions, including Central America, North America, East Asia, and South Asia. This is a post from HackRead.com Read the original post: Dark.IoT & Custom Botnets Exploit Zyxel Flaw in DDoS Attacks
Understanding Reverse Email Lookup: A Tool to Strengthen Cybersecurity
By Owais Sultan Reverse email lookup can be a handy tool for various tasks, ranging from verifying the sender’s identity, and… This is a post from HackRead.com Read the original post: Understanding Reverse Email Lookup: A Tool to Strengthen Cybersecurity
Check Point Research: Microsoft the Most Phished Brand in Q2 2023
By Habiba Rashid The report highlights the fact that cybersecurity is essential for brand protection. This is a post from HackRead.com Read the original post: Check Point Research: Microsoft the Most Phished Brand in Q2 2023