Authorities Shut Down 27 DDoS-for-Hire Platforms, Arrest 3 Admins
SUMMARY Global Dismantling of DDoS Platforms: Law enforcement from 15 countries shut down 27 websites offering DDoS attack services as part of Operation PowerOFF. Arrests…
Category: HackRead
Scammers Exploit Fake Domains in Dubai Police Phishing Scams
SUMMARY: Researchers found a rise in phishing attacks in the UAE impersonating Dubai Police via SMS. Attackers use fake domains with typosquatting and suspicious extensions…
OpenAI Working on a Fix
You are not alone, ChatGPT and Sora AI are down worldwide. OpenAI says it is aware of the issue and working on a fix. ChatGPT,…
When Does Online Harassment Become a Criminal Offense?
The rise of social media and digital communication has transformed how we connect, but it has also opened the door to cybercrime and harmful behaviours,…
Krispy Kreme Cyber Attack Disrupted Online Ordering in the US
SUMMARY Cyberattack Reported: Krispy Kreme faced a cyberattack on November 29, 2024, disrupting online orders in the U.S. Operations Impact: In-store sales and deliveries remained…
AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts
SUMMARY Dubbed AuthQuake; the flaw in Microsoft MFA allowed attackers to bypass security measures and access accounts. Vulnerability impacted Azure, Office 365, and other Microsoft…
Global Ongoing Phishing Campaign Targets Employees Across 12 Industries
SUMMARY A sophisticated phishing campaign is targeting employees of 30+ companies across 12 industries worldwide. Over 200 malicious links have been distributed, designed to steal…
New DCOM Attack Exploits Windows Installer for Backdoor Access
SUMMARY The new DCOM attack leverages Windows Installer service for stealthy backdoor deployment. Attack exploits the IMsiServer interface for remote code execution and persistence. Malicious…
Black Basta Gang Uses MS Teams, Email Bombing to Spread Malware
SUMMARY Black Basta Campaign Resurgence: Rapid7 researchers report a sophisticated social engineering campaign by the Black Basta ransomware group, refining tactics and targeting organizations globally.…
Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability
SUMMARY: Critical Vulnerability Alert: Dell Power Manager versions before 3.17 have a high-severity access control flaw (CVE-2024-49600) allowing attackers to gain elevated privileges. Exploitation Risk:…
Hackers Target Job Seekers with Banking Trojan Using Fake Job Emails
SUMMARY AppLite Trojan: A new, stealthy banking trojan targeting Android devices, capable of stealing banking credentials, crypto wallets, and sensitive data. Phishing Campaign: Delivered via…
How Red Teaming Helps Meet DORA Requirements
The Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong cyber risk management, reporting, red teaming, and…