attack

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

Mar 18, 2023 by iHash Leave a Comment

Mar 18, 2023Ravie LakshmananNetwork Security / Cyber Espionage The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. Threat intelligence firm Mandiant, which made the attribution, said the activity cluster is part of a broader campaign designed to deploy backdoors … [Read more...] about Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

How a man-on-the-side attack works

Feb 14, 2023 by iHash Leave a Comment

There are attacks that everyone’s heard of, like distributed denial-of-service (DDoS) attacks; there are those that mostly only professionals know about, such as man-in-the-middle (MitM) attacks; and then there are the rarer, more exotic ones, like man-on-the-side (MotS) attacks. In this post, we talk about the latter in more detail, and discuss how they differ from … [Read more...] about How a man-on-the-side attack works

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Feb 14, 2023 by iHash Leave a Comment

Feb 14, 2023Ravie Lakshmanan Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million," the company said, … [Read more...] about Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident

Jan 14, 2023 by iHash Leave a Comment

Jan 14, 2023Ravie LakshmananDevOps / Data Security DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated attack" took place on December … [Read more...] about Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

Jan 14, 2023 by iHash Leave a Comment

Jan 14, 2023Ravie LakshmananServer Security / Patch Management A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a … [Read more...] about Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

Dec 10, 2022 by iHash Leave a Comment

Dec 10, 2022Ravie LakshmananWeb App Firewall / Web Security A new attack method can be used to circumvent web application firewalls (WAFs) of various vendors and infiltrate systems, potentially enabling attackers to gain access to sensitive business and customer information. Web application firewalls are a key line of defense to help filter, monitor, and block HTTP(S) traffic … [Read more...] about Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack

Nov 18, 2022 by iHash Leave a Comment

An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. "The attack seems related to cybercrime as … [Read more...] about W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack

Indian Energy Company Tata Power’s IT Infrastructure Hit By Cyber Attack

Oct 15, 2022 by iHash Leave a Comment

Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange (NSE) of India. It further said it has taken steps to retrieve and restore the affected machines, adding it put in place … [Read more...] about Indian Energy Company Tata Power’s IT Infrastructure Hit By Cyber Attack

New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

Oct 13, 2022 by iHash Leave a Comment

A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode … [Read more...] about New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

Credential Theft Is (Still) A Top Attack Method

Aug 15, 2022 by iHash Leave a Comment

Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cyber criminals. The latest report from the Ponemon Institute shares that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of … [Read more...] about Credential Theft Is (Still) A Top Attack Method

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54