Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

April 17, 2024 at 04:42AM Cisco warns of a surge in brute-force attacks targeting VPN services, web application interfaces, and SSH services, originating from TOR exit nodes and other proxy services. Various devices are being targeted across different sectors and geographies using both generic and valid usernames. Additionally, threat actors are exploiting a security flaw …

Top MITRE ATT&CK Techniques and How to Defend Against Them

April 10, 2024 at 01:04AM MITRE ATT&CK techniques dominate cybersecurity incidents, particularly command and scripting interpreters (T1059) and phishing (T1566). A report by D3 Security reveals these techniques surpass others significantly. The widespread usage of malicious scripts underlines the need for comprehensive incident response plans. Additionally, robust education and multifactor authentication help defend against phishing …

Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts

March 20, 2024 at 03:54AM Ukraine’s Cyber Police arrested three individuals for hijacking 100M emails and Instagram accounts; they face up to 15 years in prison if convicted. The group carried out brute-force attacks to take over accounts and sold the credentials on the dark web. In the U.S., Robert Purbeck pleaded guilty to breaching entities …

Ukraine arrests hackers trying to sell 100 million stolen accounts

March 19, 2024 at 02:22PM The Ukrainian cyber police, in collaboration with national police, have arrested three individuals accused of hijacking over 100 million emails and Instagram accounts worldwide, using specialized software to brute-force account passwords. The cybercriminals sold access to compromised accounts and are charged with unauthorized interference in information systems, with a potential …

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets

January 18, 2024 at 11:03AM Infostealer malware poses a significant risk to corporate information security by stealing credentials, cookies, and other data, leading to data breaches and ransomware distribution. Leaked credentials from breaches and infostealers are a substantial threat, prompting organizations to monitor and defend against them. Flare offers a solution to detect and mitigate …

MySQL servers targeted by ‘Ddostf’ DDoS-as-a-Service botnet

November 16, 2023 at 03:16PM Researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new campaign targeting MySQL servers with the ‘Ddostf’ malware botnet. The attackers exploit vulnerabilities or weak credentials to gain access to the servers and use user-defined functions (UDFs) to execute commands. The primary payload is the Ddostf bot client, …

Microsoft Improving Windows Authentication, Disabling NTLM

October 16, 2023 at 08:24AM Microsoft is working on new features for Kerberos to improve Windows authentication security and eliminate the use of the NTLM protocol. The features include Initial and Pass Through Authentication Using Kerberos (IAKerb), which allows authentication through a server in firewall segmented environments or remote access scenarios. The second feature is …