Security News
Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. Eventually, the victim is convinced to deposit 250 EUR or more, while the details provided on the fake site are stored and used for future campaigns or resold on the dark web.
The largest distributed denial-of-service attack that Europe has ever seen occurred earlier this month and hit an organization in Eastern Europe. DDoS incidents have become more frequent since the start of the year as attackers try to deny access to the victim's digital services by flooding them with requests and traffic to overwhelm resources and render them unavailable.
The reversal, reported by TechCrunch, comes a day after the Italian data protection authority - the Garante per la Protezione dei Dati Personali - warned the company against the change, citing violations of data protection laws. "The personal data stored in users' devices may not be used to profile those users and send personalized ads without their explicit consent," the Garante said.
A newly discovered multistage remote access trojan dubbed ZuoRAT has been used to target remote workers via small office/home office routers across North America and Europe undetected since 2020. The start of this campaign roughly lines up with a quick shift to remote work after the start of the COVID-19 pandemic which drastically increased the number of SOHO routers used by employees to access corporate assets from home.
It’s day two of Infosecurity Europe 2022 at the ExCeL in London. Here’s a look at the event, the featured vendors are: Akamai, SecurityScorecard, Edgescan, ManageEngine, Securonix, F5, ServiceNow,...
Infosecurity Europe 2022 opened its doors today at the ExCeL in London, here’s a look inside the event. The featured vendors are: Akamai Technologies, AlgoSec, Appgate, AwareGO, Bridewell,...
An advanced persistent threat group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. At the time, the hacking group exploited the ProxyLogon Exchange flaws that allowed them to gain remote code execution on vulnerable servers to deploy China Chopper web shells.
Infosecurity Europe 2022 opened its doors today at the ExCeL in London. Here’s a look at the event, the featured vendors are: Arctic Wolf Networks, Bridewell, Checkmarx, Cisco, CrowdStrike,...
A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190. The payload, which manifests in the form of a PowerShell script, is Base64-encoded and functions as a downloader to retrieve a second PowerShell script from a remote server named "Seller-notification[.]live."
A new joint Cybersecurity Advisory has been issued by the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, the Department of the Treasury and the Financial Crimes Enforcement Network to raise awareness and provide information about the Karakurt Data Extortion Group. The Karakurt Data Extortion Group, also known as Karakurt Team and Karakurt Lair, is a threat actor threatening companies to publicly disclose internal stolen data unless they receive payment of a ransom, which ranges from $25,000 USD to $13,000,000 USD in Bitcoin, within a week.