The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Source link The post APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins appeared first on The Hacker Journal ..read more

Social media platforms attract cybercriminals like a corpse attracts vultures. With billions of people using social media on the global scale, the online channels for communication have become a major phishing spot for cyberattackers. Feasting their eyes on social media Impersonation is a prime technique used in different social engineering attacks. Scammers pretend to be someone with authority, denigrate people, tarnish brand reputations, or con followers into committing fraudulent activities. Cybercriminals are leveraging social media networks to launch phishing attacks, befriending their ..read more

Brand trust is more important than ever for customers looking to engage with online services, professions, or retail shops. However, cybercriminals have scaled up their malicious activities by squatting domain names of popular brands to confuse and target users. What does the report say? According to a report from Palo Alto Unit 42 Networks, threat actors are repurposing the old-school cybersquatting attack technique to accomplish a wide range of malicious objectives. From December 2019 to date, the attack method was used for: Malware distribution: A domain mimicking Samsung hosted AZORult ..read more

Botnets have been plaguing the world for a couple of decades now. They never fail to surprise security analysts and law enforcement. What’s going on? Avast Security, in a detailed blog post, explained how two DVB boxes are prone to both ransomware and botnet attacks. These boxes are Philips DTR3502BFTA and Thomson THT741FTA. The vulnerability is mainly because of the lack of encryption in these devices. Moreover, the Telnet protocol was spotted exposing infection from the Mirai botnet. What does this imply? Attackers can tamper with the content exhibited to the user through RSS feed an ..read more

FILE PHOTO: China’s Foreign Minister Wang Yi addresses the media during a joint news conference with German Foreign Minister Heiko Maas (not pictured) as part of a meeting in Berlin, Germany September 1, 2020. Michael Sohn/Pool via REUTERS/File Photo (Reuters) – China is launching an initiative to set global standards on data security, countering U.S. efforts to persuade countries to ringfence their networks from Chinese technology, the Wall Street Journal reported on Monday. Under its “Global Initiative on Data Security,” China would call on all countries to handle data security in a “com ..read more

The instant-messaging site WhatsApp has announced that it has fixed six previously undisclosed vulnerabilities after they were revealed on a security advisory news website. This site will continue to update a comprehensive list of WhatsApp security updates and associated Common Vulnerabilities and Exposures (CVE). It is believed WhatsApp remediated the majority of the flaws on the same day with one taking more time. Thankfully for WhatsApp users, there were no signs of cybercriminals using the vulnerabilities for nefarious means. Source link The post More critical vulnerabilities within ..read more

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. Source link The post Attackers Can Exploit Critical Cisco Jabber Flaw With One Message appeared first on The Hacker Journal ..read more

Security researchers in the United Kingdom said it took SonicWall more than two weeks to patch a vulnerability in 1.9 million SonicWall user groups, affecting some 10 million managed devices and 500,000 organizations. In a blog released by Pen Test Partners, the researchers said the response took far too long for this type of flaw. SonicWall countered by saying that the company responded promptly and no vulnerabilities were exploited. According to the blog, attackers could have potentially taken advantage of an IDOR to access the SonicWall cloud service. An IDOR is a flaw in an API or web ap ..read more

Pioneer Kitten (aka Fox Kitten) is known for using open-source tools to compromise remote external services and infiltrating corporate networks. What happened? The Iranian APT group has been attacking corporate VPNs over the past months, and was recently seen selling corporate-network credentials on hacker forums. Pioneer Kitten’s targets are North American and Israeli organizations in various sectors that represent some type of intelligence interest to the Iranian government. According to Crowdstrike, this indicates that the APT group is probably looking out for an additional source of inc ..read more

Emotet malware operators are apparently on a continuous mission of enhancing the notorious malware family. They have recently come up with a new way to target their victims into opening up malicious documents. Latest discovery Until some time ago, Emotet botnet campaigns used an iOS-themed document template that informed users that the document was created on iOS, and the user needs to ‘Enable Content’ to view it properly. However, that is not the case anymore. On August 25, 2020, the botnet started using a new template for its malicious Word documents. Researchers named it Red Dawn due to ..read more