SMTP (Simple Mail Transfer Protocol, the main email transmission protocol in TCP/IP networks) offers no protection against spoofing, so it is fairly easy to spoof the sender’s address.
DarkSide’s attack on Colonial Pipeline did not just thrust the gang onto the international stage but also cast a spotlight on a rapidly expanding criminal industry based primarily in Russia.
Foreign hackers made their way into the web server of a local U.S. municipal government after exploiting vulnerabilities in an unpatched Fortinet VPN appliance. The FBI shared IOCs for the intrusion.
A misconfigured Docker daemon is a well-known security issue. Palo Alto Networks deployed a honeypot mimicking a misconfigured Docker daemon and found that three-fourths of the attacks were cryptojacking attacks.
Bitdefender researchers have discovered a batch of new malicious Android applications that impersonate real apps from popular brands, but with a twist: they spread TeaBot and FluBot malware.
The Steamship Authority said a team of IT professionals was assessing the impact of the attack. “Additional information will be provided upon completion of the initial assessment,” the company said.
Many cybercriminals who sell ransomware-as-a-service campaigns offer a DDoS attack as an extra service. “It’s a little bit ransom, a little bit DDoS extortion, and a lot of trouble,” NETSCOUT said.
AMT Games, which has produced a string of mobile and social titles with tens of millions of downloads between them, exposed 1.5TB of data via a misconfigured Elasticsearch server.
AMSI’s integration with Office 365 was recently upgraded to include Excel 4.0 (XLM) macro scanning to try to combat the increase in malicious macros as an infection vector.
Scripps Health announced that it has begun notifying nearly 150,000 individuals that their personal information was stolen by hackers during the ransomware attack on May 1.