A threat actor is selling twenty-nine databases on a hacker forum that allegedly contain a combined total of 550 million stolen user records. The actor began selling these databases on May 7th, when they posted them on a well-known hacker forum where threat actors can buy each one individually. According to cyber intelligence firm Cyble, none of these data breaches appear to be new, with the oldest being from 2012 and the latest from last month.
Hutchins had saved the internet from what was, at the time, the worst cyberattack in history: a piece of malware called WannaCry. Just as that self-propagating software had begun exploding across the planet, destroying data on hundreds of thousands of computers, it was Hutchins who had found and triggered the secret kill switch contained in its code, neutering WannaCry's global threat immediately. Then he was arrested by the FBI. This is his untold story.
Engineers from SMU's Darwin Deason Institute for Cybersecurity have developed software to detect ransomware attacks before attackers can inflict catastrophic damage. Ransomware is crippling cities and businesses all over the world, and the number of ransomware attacks has increased since the start of the coronavirus pandemic. Attackers are also threatening to publicly release sensitive data if ransom isn't paid.
A fresh malware trojan has emerged, built from the same code base as the stealthy COMPFun remote access trojan (RAT). The malware is using spoofed visa applications to hit diplomatic targets in Europe and may be the work of the Turla APT. According to researchers at Kaspersky, the fake visa application harbors code that acts as a first-stage dropper.
Microsoft is making the threat intelligence it's collected on coronavirus-related hacking campaigns public, the company announced Thursday. "As a security intelligence community, we are stronger when we share information that offers a more complete view of attackers' shifting techniques," the Microsoft Threat Intelligence team said in a blog post. "This more complete view enables us all to be more proactive in protecting, detecting, and defending against attacks."
When work-from-home became a sudden, urgent need in March, many organizations slapped together cloud-collaboration services such as Microsoft Office 365 for their newly locked-down staff. Unfortunately and understandably, pressure was high. People were scrambling. Thus did a number of those services get put together with a wing, a prayer, and misconfigurations that set them up to be targeted by malicious threat actors.
Cisco Systems and Palo Alto Networks have fixed similar high-risk authentication bypass vulnerabilities in their network security devices that were caused by an oversight in the implementation of the Kerberos protocol. Man-in-the-middle (MitM) attackers could exploit these weaknesses to get administrative control over the appliances. Researchers from security firm Silverfort discovered both vulnerabilities, which are similar and could potentially exist in other Kerberos implementations.