Content streaming services are no stranger to cyberattacks, and the recent Spotify squatting campaign reported by IBM X-Force Exchange is proof of that. Spotify, however, is not alone on the boat, as many other streaming services have fallen prey to attacks over the years. more
On 14 May 2021, Analyst1 security researchers released a detailed report on the DarkSide cybercriminal gang, which is believed to be responsible for ransomware attacks targeting the Colonial Pipeline. Part of the report was several indicators of compromise (IoCs), specifically 41 malware hashes, two domains, and three IP addresses. more
ZeuS malware traces its origin as far back as 2006, when it was used to steal victims' online banking credentials. In 2011, its source code was leaked on a file-sharing site and quickly spread throughout various underground fora. more
Complying with strict data privacy regulations like the General Data Protection Regulation (GDPR) is a must do. Violators can get penalized as much as €10 million or 2% of their annual turnover. This reality makes it critical for organizations, therefore, to employ strict employee, customer, and stakeholder data management policies. more
Intranets are by definition meant for internal use only -- employee communication, content management, and the like. They are part of the Deep Web where search engines can't index sites, and unauthorized people shouldn't be able to access them. more
Many reports have released indicators of compromise (IoCs) regarding the Endless Mayfly disinformation campaign. But for those who don't know what it is, Endless Mayfly uses fake social media accounts and media websites to spread false information that has to do with U.S., Israel, and Saudi Arabia relations. more
On any given day, most of us get more emails that we won't read than those that we would. Many of these messages will remain unread and sent to the trash. There comes the third category of emails: Those we wished we hadn't read and acted upon because they are bound to be malicious, sent by cybercriminals trying to lure you into one of their scams. more
Cryptocurrencies keep making waves in the online community, making them prime vehicles of threat actors in scam, phishing, and other malicious campaigns. Fraudsters, for one, have stolen millions of dollars worth of cryptocurrencies from investors through websites that promise rewards, giveaways, and earning opportunities. more
A threat actor reportedly infiltrated the network of and stole data from a financial institution about a month ago by exploiting any of four Microsoft Exchange Server vulnerabilities -- CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, or CVE-2021-27065. While patches for all these have been released, users who have not downloaded and installed these could remain at risk. more
Threats can come from anywhere, even from legitimate hosting infrastructure. In fact, many cybercriminals often host their command-and-control (C&C) servers in known hosting providers' networks, sometimes those that offer bulletproof hosting services, to evade detection and consequent blocking. more
A World-Renowned Source for Internet Developments. Serving Since 2002.