Collaborate Disseminate
There’s a new SSH vulnerability, Terrapin (pdf paper), and it’s got the potential to be nasty — but only in an extremely limited circumstance. To understand the problem, we have …read more Continue reading This Week in Security: Terrapin, Seized Unseized, and Autospill
From Interpol: LYON, FRANCE – A transcontinental police operation against online financial crime has concluded with almost 3,500 arrests and seizures of USD 300 million (approx. EUR 273 million) worth of assets across 34 countries. The six-month Operat… Continue reading USD 300 million seized and 3,500 suspects arrested in international financial crime operation
By Deeba Ahmed
Fake Complaints, Real Malware – Sophos Warns Hotels of Global Malspam Attack!
This is a post from HackRead.com Read the original post: Global malspam targets hotels, spreading Redline and Vidar stealers
Continue reading Global malspam targets hotels, spreading Redline and Vidar stealers
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakbot… Continue reading Qakbot returns in fresh assault on hospitality sector
Security researchers have discovered the latest evolution in call-back phishing campaigns.
Read more in my article on the Tripwire State of Security blog. Continue reading Hackers exploit Google Forms to trick users into falling for call-back phishing attack
By Deeba Ahmed
Cloud Security Shakeup: Experts Urge Caution as OAuth Becomes Hacker Playground.
This is a post from HackRead.com Read the original post: Microsoft: Storm-1283 Sent 927,000 Phishing Emails with Malicious OAuth Apps
Continue reading Microsoft: Storm-1283 Sent 927,000 Phishing Emails with Malicious OAuth Apps
CISOs don’t need a crystal ball – they already know that 2024 will be another tough year, especially with AI at everyone’s mind. Instead of playing catch-up regarding the security of emerging tech like generative AI, organizations will prioritize… Continue reading Digital ops and ops management security predictions for 2024
By Waqas
BazarCall Evolves: Unraveling the Complexities of Google Forms in the Latest Phishing Tactics!
This is a post from HackRead.com Read the original post: Scammers Weaponize Google Forms in New BazarCall Attack
Continue reading Scammers Weaponize Google Forms in New BazarCall Attack
In November, Hunters International claimed that they had attacked Covenant Care. Since that time, they have been leaking what appears to be more and more patients’ protected health information (PHI) and employees’ personal information. Cove… Continue reading Covenant Care patient and employee data being leaked by ransomware group
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant app… Continue reading Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns