Security News > 2024 > April
The LabHost phishing-as-a-service platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer. The phishing platform launched in 2021 and enabled cybercriminals paying a monthly subscription fee to launch effective attacks using a variety of phishing kits for banks and services in North America.
Law enforcement from 19 countries severely disrupted one of the world's largest phishing-as-a-service platform, known as LabHost. International investigation disrupts phishing-as-a-service platform LabHost.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants - cheap, independently produced, and crudely constructed - on the dark web. "Over the past two months some of the biggest players in the ransomware ecosystem have disappeared or shut down, and, in the past, we've also seen ransomware affiliates vent their anger over the profit-sharing scheme of RaaS. Nothing within the cybercrime world stays static forever, and these cheap versions of off-the-shelf ransomware may be the next evolution in the ransomware ecosystem-especially for lower-skilled cyber attackers simply looking to make a profit rather than a name for themselves," Budd concluded.
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor...
While every team touches customer identity at some point, the teams that own it differ from organization to organization. Have you ever wondered why workforce identity and access management feels straightforward while customer identity and access management feels like the Wild West?
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to the Absolute Security Cyber Resilience Risk Index 2024. All factors create numerous compliance and security challenges.
A recent Enea survey highlights a worrying trend in enterprise security: Following ChatGPT's launch, 76% of businesses are inadequately protected against rising AI-driven vishing and smishing threats. In this Help Net Security video, John Hughes, SVP, Head of Network Security Business Group at Enea, discusses how, despite advancements, most enterprises continue to incur losses due to mobile fraud, mainly through smishing and vishing.