Cybersecurity

Category Added in a WPeMatico Campaign

Cybersecurity

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

Jan 17, 2024NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland, […]

Cybersecurity

Adalanche: Open-source Active Directory ACL visualizer, explorer – Help Net Security

Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique features make Adalanche stand out? “The best feature is the low user effort to get […]

Cybersecurity

Known Indicators of Compromise Associated with Androxgh0st Malware | CISA

SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third party reporting yielded the IOCs and TTPs, […]

Cybersecurity

Southeast Asian casino industry supercharging cyber fraud, UN says

The expanding Southeast Asian casino industry has become the nexus of the region’s criminal ecosystem, including its cyber fraud industry, and it is facilitating large-scale money laundering by organized crime networks, a new United Nations report reveals. The money laundering includes the proceeds from online scams like pig-butchering schemes, where scammers develop a relationship with […]

Cybersecurity

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

Jan 17, 2024NewsroomBotnet / Cloud Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for “victim identification and exploitation in target networks.” A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the […]