Cyber Threats
WordPress Brute-Force Attacks: Sites Used As Staging Ground
Wajahat Raja | | Admin Interface, brute-force attacks, Crypto Drainers, Cyber Threats, Cybersecurity News, Distributed Brute-Force Attacks, Malicious JavaScript Injections, Password Security, security measures, sucuri, Vulnerability Exploitation, Website Security, wordpress security, XMLRPC.php File
In a recent discovery by Sucuri, a concerning trend has emerged involving brute-force attacks on WordPress sites through malicious JavaScript injections. These WordPress brute-force attacks stand out for their stealthy approach. Security ...
CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog
Wajahat Raja | | authentication bypass, Business Resilience, CVE-2024-27198, CVE-2024-27199, Cyber Threats, Cybersecurity News, Endpoint security, JetBrains TeamCity, patch management, risk mitigation, Software Security, Vulnerability Management
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures. The recently discovered flaw has been added ...
5M WordPress Websites At Risk Amid LiteSpeed Plugin Flaw
Wajahat Raja | | Cross-Site Scripting (XSS), Cyber Threats, Cybersecurity News, Cybersecurity Vulnerabilities, LiteSpeed Plugin, patch management, Privilege Escalation, Website Acceleration, Website Optimization, Website Security, wordpress security, Wordpress updates
A highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered by the cybersecurity experts at Patchstack, the ...
BlackCloak Identifies Rising Cyber Threats Against Crypto-Invested Venture Capital and Private Equity Firm
The BlackCloak Threat Intelligence Team is currently observing and pinpointing new strategies deployed by cybercriminals targeting venture capital and private equity firms with investments in cryptocurrency. These malicious actors are not just ...
Alert: FBI Warns Of BlackCat Ransomware Healthcare Attack
Wajahat Raja | | BlackCat ransomware, ConnectWise Vulnerabilities, Cyber Threats, Cybersecurity Advisory, Cybersecurity Measures, Cybersecurity News, FBI warning, healthcare cybersecurity, ransomware mitigation, Ransomware Resurgence, Remote Access Security
In recent months, a concerning trend has emerged within the healthcare sector: the resurgence of BlackCat ransomware attacks. The BlackCat ransomware healthcare attack has prompted a joint advisory from the Federal Bureau ...
New SSH-Snake Worm-Like Tool Threatens Network Security
Rohan Timalsina | | Cyber Threats, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, enterprise security, Linux & Open Source News, open source, self-modifying worm, SSH malware, ssh private keys, SSH security, SSH-Snake, SSH-Snake malware, SSH-Snake worm, Sysdig Threat Research Team
The Sysdig Threat Research Team (TRT) discovered that a threat actor is leveraging an open-source network mapping tool called SSH-Snake for malicious activities. This tool utilizes SSH credentials found on the compromised ...
SNS Sender Script Used for Bulk Smishing Attacks
Rohan Timalsina | | AWS security, AWS SNS, AWS SNS Bulk Smishing, Cyber Threats, enterprise security, Linux & Open Source News, smishing attack
A new threat has emerged in the form of a Python script called SNS Sender, which malicious actors are utilizing to send bulk smishing messages through Amazon Web Services (AWS) Simple Notification ...
LockBit Ransomware Bounty: US Offers $15 Million In Reward
Wajahat Raja | | cyber attacks, Cyber Threats, cyber threats mitigation, Cybercrime Investigation, cybercriminals, Cybersecurity News, digital security, International Cooperation, law enforcement, LockBit ransomware, Ransomware-as-a-Service (RaaS), U.S. State Department
In a landscape where cyber threats loom large, the hunt for cybercriminals intensifies. Today, we’re turning the spotlight on LockBit ransomware attacks and the unprecedented $15 million bounty offered by the U.S ...
Deepfakes Malware Attacks: GoldFactory’s Advanced Tactics
Wajahat Raja | | Agora SDK, Banking Security, Cyber Threats, Cybersecurity, Cybersecurity News, digital assets, Fake Alerts, Fake Bank Customer Service, Fake Overlays, GoldDigger, GoldDiggerPlus, GoldKefu, Interactive Video and Voice Calls, iOS security, Proxying Traffic, The Hacker News, Vietnamese Financial Companies
In the ever-evolving landscape of mobile Deepfakes malware attacks, a notorious threat actor named GoldFactory has surfaced, leaving a trail of highly sophisticated banking trojans in its wake. The group, operating since ...
Ivanti Pulse Secure Found Using End of Life CentOS 6 OS
Rohan Timalsina | | CentOS 6, CentOS 6 ELS, CentOS 6 End of Life, Cyber Threats, Cybersecurity Weaknesses, Eclypsium, EMBA analysis, enterprise security, Extended Lifecycle Support, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti Pulse Secure, Ivanti security, Ivanti Vulnerabilities, Linux & Open Source News, Linux kernel, Pulse Secure VPN, security vulnerabilites
Ivanti Pulse Secure VPN appliances have recently been a target of several sophisticated attacks, highlighting the ongoing challenges in safeguarding critical IT infrastructure like network devices. UNC5221, a nation-state group, exploited these ...