Microsoft has won praise from security researchers by making its CodeQL queries public so any organization could use the open source tools to analyze if they experienced any vulnerabilities from the SolarWinds or similar supply chain attacks.
Tag: attack
Google Firebase hosts Microsoft Office phishing attack
A phishing attack recently uncovered by researchers pretends to share information about an electronic funds transfer (EFT) by offering up a link to download an HTML invoice that then loads to a page with Microsoft Office branding that’s hosted on Google Firebase. The attack culminates with a final phishing page that
In second attack DDoS group demands 5 bitcoin payment
Five Radware customers received extortion letters in December and January threatening a DDoS attack if they did not pay five bitcoin (worth about $200,000) from a group that wanted the victims to believe they were from Fancy Bear, Lazarus Group and the Armada Collective. The threat group first attacked late last
Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems
Researchers discovered a new Internet Relay Chat (IRC) bot Tuesday that exploited three vulnerabilities to launch distributed denial of service attacks, cryptomining and other security lapses on Linux systems.
SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach
The perpetrators behind the SolarWinds supply-chain attack were observed leveraging four separate techniques to bypass identity and access management protections and laterally move from victims’ on-premises networks to their cloud-based Microsoft 365 accounts. Companies that
Kmart, a vulnerable target, among those hit in Egregor ransomware attack spree
The fast-moving Egregor ransomware added Kmart to its list of retail targets, one day before the same attack group hit the Vancouver metro. The fast-moving Egregor ransomware has already hit other recognizable companies, most notably Barnes and Noble. Egregor first emerged in September and since then more than 70 companies have
Websites requiring security software downloads opened door to supply chain attack
A newly reported supply chain attack involved malicious hackers compromising financial and government websites so they would deliver malware to unsuspecting visitors. The tactic demonstrates the risks involved with requiring users to download software
Ransomware attack toys with Mattel systems, data
Toymaker Mattel – maker of Barbie and Ken dolls – was the victim of a ransomware attack last July on its information technology systems, and data on a number of systems was encrypted. The company said in a recent quarterly filing that it had contained the attack and although some business functions were
Treasury sanctions Russian research institute for Triton attack
The Treasury Department’s Office of Foreign Assets Control sanctioned a Russian government research institution linked to Triton malware targeting industrial safety systems, the first time the U.S. took such an action for an industrial control system attack. Treasury Secretary Steve Mnuchin called out the Russian government for continuing “to engage in
Here are the questions Congress asks after a ransomware attack
If your breach is big enough, members of Congress take notice. Such is the case for Universal Health Services. In a letter today, Senate Intelligence Committee Vice Chairman Mark Warner, D-Va., wrote to UHS Chairman and CEO Alan B. Miller to express “grave concerns” about a ransomware attack late last month