Category: HackRead

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts
11
Dec
2024

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

SUMMARY Dubbed AuthQuake; the flaw in Microsoft MFA allowed attackers to bypass security measures and access accounts. Vulnerability impacted Azure,…

Global Ongoing Phishing Campaign Targets Employees Across 12 Industries
11
Dec
2024

Global Ongoing Phishing Campaign Targets Employees Across 12 Industries

SUMMARY A sophisticated phishing campaign is targeting employees of 30+ companies across 12 industries worldwide. Over 200 malicious links have…

New DCOM Attack Exploits Windows Installer for Backdoor Access
11
Dec
2024

New DCOM Attack Exploits Windows Installer for Backdoor Access

SUMMARY The new DCOM attack leverages Windows Installer service for stealthy backdoor deployment. Attack exploits the IMsiServer interface for remote…

Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware
10
Dec
2024

Black Basta Gang Uses MS Teams, Email Bombing to Spread Malware

SUMMARY Black Basta Campaign Resurgence: Rapid7 researchers report a sophisticated social engineering campaign by the Black Basta ransomware group, refining…

Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability
10
Dec
2024

Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability

SUMMARY: Critical Vulnerability Alert: Dell Power Manager versions before 3.17 have a high-severity access control flaw (CVE-2024-49600) allowing attackers to…

Hackers Target Job Seekers with Banking Trojan Using Fake Job Emails
10
Dec
2024

Hackers Target Job Seekers with Banking Trojan Using Fake Job Emails

SUMMARY AppLite Trojan: A new, stealthy banking trojan targeting Android devices, capable of stealing banking credentials, crypto wallets, and sensitive…

How Red Teaming Helps Meet DORA Requirements
10
Dec
2024

How Red Teaming Helps Meet DORA Requirements

The Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong cyber risk…

ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket
10
Dec
2024

ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket

Summary Large-Scale Hacking Operation Uncovered: Researchers link ShinyHunters and Nemesis to an operation exploiting millions of websites to steal over…

Critical Windows Zero-Day Alert: No Patch Available Yet for Users
10
Dec
2024

No Patch Available Yet for Users

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day. Stay proactive…

Phishers Impersonating Police Arrested in Multi-Million Euro Scam
09
Dec
2024

Phishers Impersonating Police Arrested in Multi-Million Euro Scam

Summary: Phishing Operation Dismantled: A joint effort by Belgian, Dutch authorities, and Europol dismantled a phishing gang that targeted victims…

Digital Assets Cybersecurity Essentials
09
Dec
2024

Digital Assets Cybersecurity Essentials

Discover essential tips to secure your digital assets like crypto, NFTs, and tokens. Learn about wallet safety, avoiding phishing, 2FA,…

ReversingLabs Research: Compromised Ultralytics PyPI Package Delivers Crypto Coinminer
09
Dec
2024

Ultralytics AI Library with 60M Downloads Compromised for Cryptomining

KEY POINTS Cybersecurity researchers at ReversingLabs found that hackers used malicious code to combine the Ultralytics AI library to mine…