attack

New ‘Loop DoS’ Attack Impacts Hundreds of Thousands of Systems

Mar 20, 2024 by iHash Leave a Comment

Mar 20, 2024NewsroomDoS Attack / Network Security A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other … [Read more...] about New ‘Loop DoS’ Attack Impacts Hundreds of Thousands of Systems

The Anatomy of an ALPHA SPIDER Ransomware Attack

Mar 17, 2024 by iHash Leave a Comment

ALPHA SPIDER is the adversary behind the development and operation of the Alphv ransomware as a service (RaaS). Over the last year, ALPHA SPIDER affiliates have been leveraging a variety of novel techniques as part of their ransomware operations. CrowdStrike Services has observed techniques such as the usage of NTFS Alternate Data Streams for hiding a reverse SSH tool, … [Read more...] about The Anatomy of an ALPHA SPIDER Ransomware Attack

KeyTrap attack can take out a DNS server

Feb 19, 2024 by iHash Leave a Comment

A group of researchers representing several German universities and institutes have discovered a vulnerability in DNSSEC, a set of extensions to the DNS protocol designed to improve its security, and primarily to counter DNS spoofing. An attack they dubbed KeyTrap, which exploits the vulnerability, can disable a DNS server by sending it a single malicious data packet. Read on … [Read more...] about KeyTrap attack can take out a DNS server

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

Feb 1, 2024 by iHash Leave a Comment

Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today. "The attacker escapes this … [Read more...] about Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

Getting off the Attack Surface Hamster Wheel: Identity Can Help

Jan 10, 2024 by iHash Leave a Comment

IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it. The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable … [Read more...] about Getting off the Attack Surface Hamster Wheel: Identity Can Help

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

Dec 4, 2023 by iHash Leave a Comment

Dec 04, 2023NewsroomEncryption / Technology New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under … [Read more...] about New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.

Nov 29, 2023 by iHash Leave a Comment

Nov 29, 2023NewsroomCyber Attack / Hacking The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed … [Read more...] about Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.

New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

Nov 25, 2023 by iHash Leave a Comment

Nov 25, 2023NewsroomCyber Attack / Threat Intelligence An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what's suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named "hrserv.dll," exhibits "sophisticated features such as custom encoding methods for client … [Read more...] about New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Sep 12, 2023 by iHash Leave a Comment

Sep 12, 2023THNSoftware Security / Vulnerability A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a … [Read more...] about Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Employee Falls Victim to SIM Swapping Attack

Aug 26, 2023 by iHash Leave a Comment

Aug 26, 2023THNData Breach / SIM Swapping Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile, without any authority from or contact … [Read more...] about Employee Falls Victim to SIM Swapping Attack

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54