Security News

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. This Help Net Security video uncovers how DDoS attacks on gambling sites lead to lost revenue and consumer trust.

To protect the victim's account, the organization had implemented Microsoft MFA through the Microsoft Authenticator app, which should have stopped any use of stolen credentials. Microsoft MFA doesn't always require a second form of authentication.

Hackers responsible for a string of recent cyberattacks, including those on Twilio, MailChimp, Cloudflare, and Klaviyo, compromised over 130 organizations in the same phishing campaign. This phishing campaign utilized a phishing kit codenamed '0ktapus' to steal 9,931 login credentials that the hackers then used to gain access to corporate networks and systems through VPNs and other remote access devices.

The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned 0ktapus by Group-IB because the initial goal of the attacks was to "Obtain Okta identity credentials and two-factor authentication codes from users of the targeted organizations."

Microsoft observed a campaign that inserted an attacker-controlled proxy site between the account users and the work server they attempted to log into. When the user entered a password into the proxy site, the proxy site sent it to the real server and then relayed the real server's response back to the user.

49% of respondents to a recent Twitter poll carried out by Osirium Technologies describe endpoint management security within their organization as non-existent. This Help Net Security video highlights why so many organizations lack endpoint security strategy.

The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to legitimate packages. "This is the first known phishing attack against PyPI," the maintainers of the official third-party software repository said in a series of tweets.

66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been either directly targeted or impacted by a nation-state cyber attack, according to Venafi. "We've known for years that state-backed APT groups are using cybercrime to advance their nations' wider political and economic goals. Everyone is a target, and unlike a kinetic warfare attack, only you can defend your business against nation-state cyber attacks. There is no cyber-Iron Dome or cyber-NORAD. Every CEO and board must recognize that cybersecurity is one of the top three business risks for everyone, regardless of industry."

The Dominican Republic's Instituto Agrario Dominicano has suffered a Quantum ransomware attack that encrypted multiple services and workstations throughout the government agency. Local media reports that the ransomware attack occurred on August 18th, which has impacted the agency's operation.

The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products, disclosed by the company on August 8, 2022. BRP employs over 20,000 people, counts close to $6 billion in annual sales, and distributes various products in more than120 countries, so even a minimal disruption in its production can have a serious financial impact.