German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested – OfficialSarkar

German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested – OfficialSarkar

Nov 04, 2024Mohit KumarDDoS Attack / Cybercrime German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. “The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical…

Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It) – OfficialSarkar

Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It) – OfficialSarkar

As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s six-month analysis…

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls – OfficialSarkar

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls – OfficialSarkar

Nov 04, 2024Ravie LakshmananMobile Security / Financial Fraud Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information. “FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of…

AI, Fake Hosting, and Psychological Warfare – OfficialSarkar

AI, Fake Hosting, and Psychological Warfare – OfficialSarkar

U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event. The activity has been pinned on an entity that’s known as Emennet Pasargad, which the agencies…

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups – OfficialSarkar

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups – OfficialSarkar

Nov 01, 2024The Hacker NewsSaaS Security / Insider Threat With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many challenges for security teams….

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned – OfficialSarkar

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned – OfficialSarkar

Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket…

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft – OfficialSarkar

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft – OfficialSarkar

Nov 01, 2024Ravie LakshmananThreat Intelligence / Network Security Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials from multiple…

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns – OfficialSarkar

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns – OfficialSarkar

Nov 01, 2024Ravie LakshmananData Security / Artificial Intelligence Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it’s taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release starting in October. “We…

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites – OfficialSarkar

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites – OfficialSarkar

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the offering used in attacks aimed at a…

Learn Key Identity Security Tactics in This Expert Webinar – OfficialSarkar

Learn Key Identity Security Tactics in This Expert Webinar – OfficialSarkar

Nov 01, 2024The Hacker NewsSaaS Security / Identity Security Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to…