Tag: security
Abuse of residential proxy services, password spray key to Midnight Blizzard attacks, warns Microsoft — here’s what that means for you
The recent Midnight Blizzard attacks on Microsoft and HPE may be just the beginning, with the Russian threat actors are already targeting more global organizations, the former has warned. In its detailed breakdown of the threat actor and the attack on its infrastructure, the Microsoft Threat Intelligence team noted, “This…
Read More
This top Microsoft Office alternative has been hijacked by Chinese hackers — and their malware is coming for your devices
Chinese hackers are hijacking legitimate software updates to deliver backdoors capable of stealing sensitive information from the target endpoints, experts have warned. A new report from cybersecurity researchers ESET recently observed a previously unknown threat actor which they dubbed Blackwood. This group, which apparently is on the Chinese government’s payroll,…
Read More
Billion-dollar financial giant EquiLend hit by cyberattack – some systems offline, major banks and lending firms affected
EquiLend, a global financial technology, data and analytics firm, suffered a cyberattack – possibly ransomware – that forced parts of its digital infrastructure offline. In a press release, EquiLend said that on January 22, 2024, its technicians identified a “technical issue that placed portions of our system offline.” Following an…
Read More
HPE says Russian Midnight Blizzard hackers hit security team emails
Russian state-sponsored threat actors known as Midnight Blizzard breached HPE’s email environment late last year and stole sensitive data from its employees’ inboxes. HPE confirmed the news in a new 8-K submission with the U.S. Securities and Exchange Commission (SEC) last week, BleepingComputer finds. As per the filing, the company…
Read More
This cybercrime network acts like a food delivery service for criminals — and even uses legitimate affiliate marketing techniques to recruit other partners-in-crime
Cybersecurity researchers from Infoblox have revealed new research on VexTrio, a “massive criminal affiliate program” that the team says counts more than five dozen criminal organizations in its customer list. As explained by the researchers, VexTrio is a complex, and massive, traffic direction system (TDS). It operates similarly to a…
Read More
Popular file transfer software has a seriously dangerous security bug that gives anyone free administrator rights — so patch it now to avoid another Moveit-like debacle
GoAnywhere Managed File Transfer (MFT), the program at the center of a major data reach scandal around a year ago, may have a new high-severity vulnerability which users should patch immediately to avoid more trouble. Cybersecurity researchers Mohammed Eldeeb and Islam Elrfai from Spark Engineering Consultants discovered the flaw in…
Read More