Security News

Citrix on Wednesday denied claims that its systems have been breached, saying the information being sold on the dark web actually comes from a third party and is not very sensitive. Citrix has found no evidence that its systems have been compromised, and pointed out that hackers couldn't have moved from the third party's network to its own systems.

Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J Serna says the company is aware of a "Threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network, exfiltration of data, and attempts to escalate privileges to launch a ransomware attack."

Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. In the ad, the hacker makes a connection between the newly advertised credentials and a previously known leak of personal details of more than 10.6 million guests who had stayed at MGM Resorts.

Digicert is one of the Big Five commercial CAs, short for certificate authorities - companies that sign and vouch for the digital certificates that put the S in HTTPS and the padlock in your browser's address bar. The simplest form of web certificate is called self-signed, and anyone can create a self-signed certificate in seconds that claims to represent any web property they like.

A couple of years back, Gartner introduced CARTA - a strategic approach to information security. In this document, we talk about CARTA as it applies to Web Application Security and Indusface, applicable more to threat assessment and mitigation and not as much to trust.

Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks. "Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.

Most cloud services keep their DNS cache times, known in the jargon as TTLs or time-to-live entries, pretty small these days in order to help their services adapt more quickly to changes in network load. Hacking your DNS entries is not quite as good a result for the crooks as taking over your actual web server - they won't have your web certificate to authenticate HTTPS traffic, and they'd need to clone a huge amount of your site to make a realistic facsimile - but it's still extremely dangerous, and potentially very damaging for your brand. In the cases tracked by Edwards, it seems that a bunch of crooks have been keeping their eyes on unused Azure server names that still have trusted DNS records referring to them, and reviving those defunct server names to produce believable URLs for scams and malware campaigns.

An Instagram super-star with 2.3 million followers has been extradited to America accused of conspiring to launder hundreds of millions of dollars obtained via cyber-crime. Abbas allegedly ran so-called business email compromise scams, which typically involve hijacking email accounts, or impersonating strangers in emails, to fool victims into transferring money to the scammer's bank account rather than a legit recipient.

A low-quality batch of malicious tools can sell for as low as $70, while a premium set can go as high as $6,000, according to the security research site Privacy Affairs. At the low end of the list, malware tools aimed at a global audience sell on average for as little as $70. However, this particular batch is sold as being of low quality, with slow speed and a low success rate.