Why your password policy should include a custom dictionary wordlist

October 3, 2024 at 10:15PM Custom dictionaries are essential for strengthening password security. They block the use of common words, industry and organization-specific terms, and easily guessable patterns, adding an extra layer of defense against targeted attacks. Integrating custom dictionaries with tools like Specops Password Policy enhances Active Directory password security and reduces the risk … Read more

Ukraine-Russia Cyber Battles Tip Over Into the Real World

October 3, 2024 at 04:47PM The ongoing kinetic war between Russia and Ukraine has spilled over into cyberspace, with hackers targeting key infrastructure, government bodies, and individual military personnel. Russian-aligned cyber actors, including advanced persistent threat (APT) groups like Gamaredon, have intensified their attacks, infiltrating secure communication channels and posing a significant threat to cybersecurity. … Read more

UAE, Saudi Arabia Become Plum Cyberattack Targets

October 1, 2024 at 01:09AM Cyberattackers and hacktivists are increasingly targeting the Gulf Cooperative Council (GCC) region, with a 70% rise in DDoS attacks in the first half of the year. The UAE faces an average of 50,000 cyberattacks daily, while Saudi Arabia was targeted by a China-linked group. The increase in attacks may involve … Read more

Rackspace monitoring systems hit by zero-day

September 30, 2024 at 07:18PM Rackspace recently faced a security breach when intruders exploited a zero-day bug in a third-party application, impacting its internal performance monitoring system. This led to temporary suspension of its monitoring dashboard. Although some customer information was accessed, Rackspace promptly isolated the affected equipment and worked on a patch in collaboration … Read more

How to Plan and Prepare for Penetration Testing

September 27, 2024 at 07:30AM The advancing security technology is matched by adversaries implementing new techniques to enhance speed and impact while evading detection. Ransomware and malware remain prominent tools for cyber criminals, with hands-on intrusion techniques posing a threat. To manage risks, security practitioners seek penetration testing services, which involve detailed planning and preparation. … Read more

FBI, CISA Warn of Fake Voter Data Hacking Claims

September 16, 2024 at 09:45AM Hackers are falsely claiming to have compromised US election infrastructure, but the FBI and CISA refute these assertions, stating that no evidence of cyberattacks preventing elections, altering voter information, tampering with ballots, or disrupting vote counts exists. They caution the public to critically assess claims of leaked voter data, as … Read more

New Linux malware Hadooken targets Oracle WebLogic servers

September 13, 2024 at 01:11PM Hackers are focusing on Oracle WebLogic servers to inject them with a new Linux malware called “Hadooken.” This malware initiates a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. Based on the meeting notes, it is evident that there is a significant security concern related to hackers targeting Oracle … Read more

Hackers targeting WhatsUp Gold with public exploit since August

September 12, 2024 at 12:43PM Hackers are utilizing publicly available exploit code to target two critical vulnerabilities in the WhatsUp Gold network monitoring solution from Progress Software. Based on the meeting notes, it appears that hackers have been exploiting two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software … Read more

Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords

September 5, 2024 at 11:28AM Hackers are using a fake OnlyFans tool to target other hackers, claiming to help steal accounts but actually infecting them with the Lumma stealer malware, which steals information. It seems like the meeting notes are discussing how hackers are targeting other hackers with a fake OnlyFans tool that claims to … Read more

Fake OnlyFans cybercrime tool infects hackers with malware

September 5, 2024 at 06:24AM Hackers deceive other hackers by distributing a fake tool for OnlyFans, infecting them with Lumma stealer malware. This exemplifies the blurred lines in cybercrime. Lumma is an info-stealing malware, with the capability to spread additional payloads and regain expired Google tokens. Veriti’s findings also uncover a broader operation targeting Disney+ … Read more