A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed "Saint Bot," the malware is said to have first appeared on the scene in January 2021, with indications that it's under active development. "Saint Bot is a downloader that appeared quite recently, and slowly is getting … [Read more...] about Alert — There’s A New Malware Out There Snatching Users’ Passwords
hacker news
Researchers uncover a new Iranian malware used in recent cyberattacks
An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology. APT34 … [Read more...] about Researchers uncover a new Iranian malware used in recent cyberattacks
A Guide to Weathering the Upcoming Vendor Positioning Storm
April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a barometer of platform effectiveness. This means that every cybersecurity … [Read more...] about A Guide to Weathering the Upcoming Vendor Positioning Storm
11 Useful Security Tips for Securing Your AWS Environment
Want to take advantage of excellent cloud services? Amazon Web Services may be the perfect solution, but don't forget about AWS security. Whether you want to use AWS for a few things or everything, you need to protect access to it. Then you can make sure your business can run smoothly. Read on to learn some important AWS security tips. Use Multi-Factor authentication When … [Read more...] about 11 Useful Security Tips for Securing Your AWS Environment
Watch Out! Mission Critical SAP Applications Are Under Active Attack
Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common security and compliance controls, and enabling attackers to steal sensitive information, … [Read more...] about Watch Out! Mission Critical SAP Applications Are Under Active Attack
How the Work-From-Home Shift Impacts SaaS Security
The data is in. According to IBM Security's 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365,hasi ncreased 630%. Moreover, 75% of respondents report that discovery and recovery time from data breaches has … [Read more...] about How the Work-From-Home Shift Impacts SaaS Security
533 Million Facebook Users’ Phone Numbers and Personal Data Leaked Online
In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, … [Read more...] about 533 Million Facebook Users’ Phone Numbers and Personal Data Leaked Online
How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection
Many enterprises rely on more than one security tool to protect their technology assets, devices, and networks. This is particularly true for organizations that use hybrid systems or a combination of cloud and local applications. Likewise, companies whose networks include a multitude of smartphones and IoT devices are likely to deploy multiple security solutions suitable for … [Read more...] about How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection
DeepDotWeb Admin Pleads Guilty to Money Laundering Charges
The U.S. Department of Justice (DoJ) on Wednesday said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb (DDW), a "news" website that "served as a gateway to numerous dark web marketplaces." According to the unsealed court documents, Tal Prihar, 37, an Israeli citizen residing in Brazil, operated DDW alongside Michael Phan, … [Read more...] about DeepDotWeb Admin Pleads Guilty to Money Laundering Charges
Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living … [Read more...] about Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad