The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Cyber attacks are common occurrences that often make headlines, but the leakage of personal information, particularly credit card data, can have severe consequences […]
Cyber News, Cyber Threat Trends
The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is “going to great lengths to maintain a persistent presence on targeted networks.” Also known by the names APT-C-23 and […]
Cyber News, Cyber Threat Trends
Have you ever wondered how they design blue team exercises? One ransomware and cyber extortion simulation demonstrates the best practices.
Cyber News, Cyber Threat TrendsBrian Krebs is reporting that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake so-called “booter” or “stresser” sites - which have so far been accessed by several thousand people—have been created to look like they offer the tools and […]
Cyber News, Cyber Threat TrendsLaunching CSPM, container workload security, and cloud vulnerability management to modernize cloud security operations.
Cyber News, Cyber Threat Trends
First payment and then account becomes inaccessible Continue reading on Bugs That Bite »
Cyber News, Cyber Threat Trends
Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. “Improved code security enforcement in WooCommerce […]
Cyber News, Cyber Threat Trends
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week. CVE-2022-46169 relates to a critical
Cyber News, Cyber Threat Trends
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several “high-impact” applications to unauthorized access. “One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing […]
Cyber News, Cyber Threat Trends