Mar 07, 2024NewsroomVulnerability / Web Security Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity […]
A group with links to Iran has been conducting watering-hole attacks against Israeli transportation, logistics, and technology sectors over the last two years, an investigation has uncovered. According to research by CrowdStrike released today, the cyber-espionage attacks were conducted by a state-sponsored advanced persistent threat (APT) named “Imperial Kitten” (aka Yellow Liderc, Tortoiseshell, TA456, and […]
The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails. Notably, this activity appeared to begin before the FBI seized Qakbot infrastructure in late August and has been ongoing since, indicating the law […]
Sep 15, 2023THNCyber Attack / Password Security Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, […]