Category Archives: Threat intelligence
Data on 3.2 million DriveSure clients exposed on hacking forum
Hackers published data on 3.2 million users lifted from DriveSure data on the Raidforums hacking forum late last month. To prove the data’s quality, threat actor “pompompurin” detailed the leaked files and user information information in a lengthy post, according to researchers at Risk Based Security, who were the first to report the breach. The…
The post Data on 3.2 million DriveSure clients exposed on hacking forum appeared first on SC Media.
Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs
Despite increased perceptions about the value of cyber threat intelligence, many businesses and industries still struggle to define what it actually means to them: which capabilities to incorporate, and how to do the ground level planning necessary to support the telemetry and technological tools they put in place.
The post Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs appeared first on SC Media.
Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide
Some 250 servers were apparently breached by the Lebanese Cedar APT group, an organization with suspected links to the Hezbollah Cyber Unit in Lebanon. The target victims include companies from many countries, including the United States, United Kingdom, Saudi Arabia, Egypt, Jordan, Lebanon, Israel and the Palestinian Authority. Many more companies and organizations have been…
The post Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide appeared first on SC Media.
Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers
Two vulnerabilities discovered could lead to remote code execution, while another could lead to denial of service attacks.
The post Flaws in open source library used by DoD, IC for satellite imagery could lead to system takeovers appeared first on SC Media.
BEC attack techniques exploit Microsoft 365 messages
Attackers exploit Microsoft 365 “read receipt” and “out of office” message loopholes to evade auto-remediation of a malicious email.
The post BEC attack techniques exploit Microsoft 365 messages appeared first on SC Media.
Google discloses spearphishing targeting security researchers
Depending on how widespread the compromises were, it could potentially taint some research and defensive strategies that threat intelligence firms share with businesses and other organizations.
The post Google discloses spearphishing targeting security researchers appeared first on SC Media.
In second attack DDoS group demands 5 bitcoin payment
Five Radware customers received extortion letters in December and January threatening a DDoS attack if they did not pay five bitcoin (worth about $200,000) from a group that wanted the victims to believe they were from Fancy Bear, Lazarus Group and the Armada Collective. The threat group first attacked late last summer and in the…
The post In second attack DDoS group demands 5 bitcoin payment appeared first on SC Media.
Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs
Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.
The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.
7 vulnerabilities in popular DNS forwarding software open door to range of attacks
Researchers at JSOF have discovered distinct spoofing and buffer overflow vulnerabilities associated with DNSMasq, used in networking devices to cache and forward Domain Name System requests.
The post 7 vulnerabilities in popular DNS forwarding software open door to range of attacks appeared first on SC Media.