More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from “counterfeit […]
Feb 26, 2024The Hacker NewsSoftware Security / Cryptocurrency A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils. One of the packages in question, execution-time-async, masquerades as its […]
IntelBroker informed Hackread.com that they successfully executed the data breach by exploiting a vulnerability within one of the CRM systems utilized by the Los Angeles International Airport. The notorious hacker known as IntelBroker is making headlines once again with a daring alleged breach targeting one of the United States’ most critical organizations: the Los Angeles […]
The U.S. Federal Trade Commission (FTC) has ordered Avast to pay $16.5 million and banned the company from selling users’ web browsing data or licensing it for advertising purposes.
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the “OWASP Top 10 For Large Language Models,” reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be […]
Dive Brief: The HHS has reached its second-ever settlement related to a ransomware attack, which exposed the protected health information of more than 14,000 people, the agency announced Wednesday. Maryland-based Green Ridge Behavioral Health agreed to pay $40,000 and implement a corrective action plan after an investigation found potential violations of the HIPAA rule and […]
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. “The infection chains associated with these malware families feature the use of malicious […]
A joint effort by SentinelLabs and ClearSky Cyber Security has uncovered a significant propaganda and disinformation campaign, possibly orchestrated by the Russia-aligned influence operation network called Doppelgänger. The campaign, which began in late November 2023, initially targeted Ukrainian affairs but has since expanded its scope to include the US, Israel, France and Germany. In Germany, Doppelgänger […]
42% of organizations surveyed in the US are considering or already have moved at least half of their cloud-based workloads back to on-premises infrastructures, a phenomenon known as cloud repatriation, according to Citrix. The survey showed that 94% of respondents had been involved with a cloud repatriation project in the last three years. The most […]