Tag: cybercrime

Record-Breaking Year for DDoS Attacks Targeting Russia
Risk, Security

According to the nation's largest internet service provider (ISP), web and DDoS attacks against Russian enterprises were relentless last year, in an effort to interfere with operations, sabotage websites, and "sow panic". In a recent study, Rostelecom claimed to have observed "a record-breaking DDoS attack in terms of power and duration" in 2022. It stated that the strongest attack was 760Gb/s, roughly twice as powerful as the strongest attack in 2021. The research stated that the longest DDoS lasted 2000 hours, or around three months. The ISP claimed to have examined data on around 600 businesses in a range of sectors...
Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection
Risk, Security

A possible Chinese-speaking actor operating under the name DragonSpark is targeting businesses in East Asia while using unusual methods to get past security measures. According to SentinelOne's investigation, which was released today, "the attacks are characterized by the usage of the little-known open-source SparkRAT and malware that tries to elude detection through Golang source code interpretation." A startling feature of the incursions is the persistent use of SparkRAT to carry out various tasks, such as information theft, taking over an infected host, or executing further PowerShell commands. Although the threat actor's ultimate objectives are still unknown, espionage or cybercrime...
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
Risk, Security

The loss of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022 was confirmed by the American Federal Bureau of Investigation (FBI) on Monday. The law enforcement agency blamed the hack on the Lazarus Group and APT38 (also known as BlueNoroff, Copernicium, and Stardust Chollima), a state-sponsored threat group from North Korea that specializes in financial cyber operations. The FBI added that the Harmony intrusion used the TraderTraitor attack campaign, which was made public by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in April 2022. The strategy involved using social engineeri...
Riot Games Halts Work After Cyber Attack
Risk, Security

A well-known gaming company in California has acknowledged that a significant cyber-attack on its servers has stopped all upgrades. Riot Games, which is owned by Tencent and creates well-known games like League of Legends and Valorant, provided a concise explanation of what transpired on Friday in a series of tweets. "Earlier this week, a social engineering attack led to the vulnerability of systems in our development environment." The statement read, "At this time, we don't have all the answers, but we wanted to reach out to you early to let you know that there is no evidence that player data or personal information was obtained. We regret that this has temporarily hampered our capacity to publish content. While our staff is putting great effort towards a fix...
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
Risk, Security

Threat actors are becoming more interested in Sliver, a legitimate command-and-control (C2) framework that has emerged as an open-source substitute for Cobalt Strike and Metasploit. The research was conducted by Cybereason, which last week released a thorough investigation of Sliver's internal operations. Sliver is a cross-platform post-exploitation framework built on Golang and created by cybersecurity startup Bishop Fox for use by security experts in red team operations.
Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
Risk, Security

An "expansive" ad fraud operation that spoofs over 1,700 programs from 120 publishers and affects around 11 million devices has been stopped by researchers. According to the fraud detection company HUMAN, the "VASTFLUX" malvertising attack let the fraudulent actors stack several invisible video ad players behind one another and log ad views. The operation takes its name from Fast Flux, a DNS evasion method, and VAST, a digital video ad serving template used to display ads to video players. The smart operation placed bids for the display of ad banners specifically in the constrained in-app contexts that run adverts on iOS...
FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War
Resources, Risk, Security

Since Russia's invasion of Ukraine, the UK's financial services sector has experienced a wave of cyberattacks, but firms are generally confident in their abilities to reduce these risks, finds a new Bridewell study. For its most recent research, Cyber Security in Critical National Infrastructure Organizations: Financial Services, the cybersecurity services provider surveyed more than 100 IT decision-makers from UK financial services companies. It was discovered that since the invasion of Ukraine, attacks on the sector have increased by 81%, the second-highest growth of any critical national infrastructure (CNI) sector and evidence of the growing cyber danger brought on by geopolitics.
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Risk, Security

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the government domains attempting to connect to malware infrastructure previously identified as associated with the adversary. Also known by the names APT15, KeChang, NICKEL, and Vixen Panda, the Chinese APT group has a history of cyber espionage campaigns aimed at government and diplomatic entities across North America, South America, Africa, and the Middle East at least since 2010.
ODIN Intelligence website is defaced as hackers claim breach
Risk, Security

On Sunday, someone vandalized the website for ODIN Intelligence, a business that offers technology and solutions to law enforcement and police departments. The alleged hack occurred just days after Wired revealed that an app created by the company, SweepWizard, which helps police manage and coordinate multi-agency raids, had a serious security flaw that exposed sensitive information about upcoming police operations as well as the personal information of police suspects to the public internet. Law enforcement agencies can get tools like SweepWizard and other technologies from ODIN. It also offers SONAR, or the Sex Offender Notification and Registration system, a program utilized by local and state law enforcement to remotely oversee sex offenders who have been registered...
Hackers Hijack NortonLifeLock Customer Accounts
Resources, Risk, Security

Some customers of NortonLifeLock have been informed that nefarious outsiders have probably accessed their accounts and may have even gotten to their password vaults. The letter informing customers of the data breach was published on the website of the Vermont attorney general's office. It stated that by using username and password login combinations, hackers have probably gained access to their Norton and Norton Password Manager accounts. The vendor, which is a Gen Digital company, confirmed that these logins weren't obtained through a breach of its own IT system. It declared that "our own systems were not compromised." "However, we firmly suspect that your login and password for your account have been used by an uninvited third party. This username and password pair might be kno...