‘Sitting Ducks’ Attacks Create Hijacking Threat for Domain Name Owners – Dark Reading
Researchers say the attacks are easy to perform, difficult to contact, nearly unrecognizable, and “entirely preventable.” – Read More
Cyber
Black Basta Develops Custom Malware in Wake of Qakbot Takedown – Dark Reading
The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools…
Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor – Dark Reading
A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer. – Read More
Will the public nature of ransom payments change CISO strategy over whether to pay? – CSO Online
Reports that a Fortune 50 company paid a $75 million ransom to the Dark Angels ransomware group back in March is raising questions about whether CISOs should revisit their ransomware…
Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique – The Hacker News
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in…
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform – The Hacker News
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform…
New Android Banking Trojan BingoMod Steals Money, Wipes Devices – The Hacker News
Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an…
Over 300 Indian banks suffer payment disruption from ransomware attack – CSO Online
C-Edge Technologies — a State Bank of India (SBI) and Tata Consultancy Services (TCS) joint venture — has suffered a ransomware attack, disrupting payment systems in nearly 300 small banks…
Obfuscation: There Are Two Sides To Everything – The Hacker News
How to detect and prevent attackers from using these various techniques Obfuscation is an important technique for protecting software that also carries risks, especially when used by malware authors. In…
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware – The Hacker News
Google has announced that it’s adding a new layer of protection to its Chrome browser through what’s called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems.…
Facebook Ads Lead to Fake Websites Stealing Credit Card Information – The Hacker News
Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future’s…
5 recommendations for acing the SEC cybersecurity rules – CSO Online
Rules implemented in 2023 by the US Securities and Exchange Commission (SEC) regarding risk management, strategy, governance, and incident disclosure have raised important considerations for security leaders of public companies…
Dashlane study reveals massive spike in passkey adoption – CSO Online
The adoption of passkeys, a passwordless technology for authenticating user access to cloud-hosted applications, is continuing its upward trend, findings released this week from password manager maker Dashlane reveal. While…
DigiCert validation bug sets up 83,267 SSL certs for revoking – CSO Online
Monday turned into a hectic day for some admins whose sites’ SSL/TLS certificates came from DigiCert. The company announced that it was revoking a small percentage of certificates that it…
Australian Companies Will Soon Need to Report Ransom Payments – Dark Reading
Significant upcoming legislation promises to tighten the screws on cyber incident response in Australia, mirroring CIRCIA in the US. – Read More