Governments Urge Organizations to Hunt for Ivanti VPN Attacks

March 1, 2024 at 08:57AM
Five Eyes agencies warn of ongoing exploitation of Ivanti VPN flaws and encourage organizations to assume credentials have been compromised, hunt for malicious activity, use Ivanti’s Integrity Checker Tool (ICT), and apply patches. Ivanti has released an enhanced ICT to detect new or changed files on affected appliances. Agencies offer IoCs, YARA rules, and incident …

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

February 19, 2024 at 08:51AM
Meta Platforms curtailed malicious activity from surveillance-for-hire firms operating in Italy, Spain, and the U.A.E. The spyware targeted iOS, Android, and Windows devices, collecting device information and media and enabling the camera and microphone. Accounts in Italy and Spain were involved in social engineering. Meta also acted on coordinated inauthentic behavior from …

Cloud Server Abuse Leads to Huge Spike in Botnet Scanning

January 15, 2024 at 06:12AM
Security solutions provider Netscout has observed a significant increase in botnet scanning activity, with peak numbers reaching 43,000 devices on December 20. The use of free cloud and hosting servers by attackers to create botnet launch pads has risen, allowing for anonymity and low overhead. The scanning represents reconnaissance activity …

Discord still a hotbed of malware activity — Now APTs join the fun

October 16, 2023 at 05:37PM
Discord is increasingly being used by hackers and advanced persistent threat (APT) groups to distribute malware, steal data, and target critical infrastructure. Trellix’s report highlights how Discord’s content delivery network (CDN) is utilized for delivering malicious payloads, while webhooks are abused for data theft. The report also notes that APT …