Recently, malicious threat actors were observed infiltrating Alibaba Elastic Compute Service (ESC) instances to install crypto-miner malware and to also gather server resources for their benefit. Alibaba’s Elastic Computing Service is endorsed as a fast memory, Intel CPUs, and low-latency operations. The ECS’s purpose is to protect against malware like crypto miners by having a...Continue Reading
Recently, a North Korean threat actor named TA406 has increased the number of their attacks this year. According to reports, they focus their attacks, particularly in credential exfiltration campaigns. The researchers identified multiple malicious threat groups such as Konni, Kimsuky, and Thallium that might be linked to TA406, targeting numerous governments, media, research, healthcare, industries,...Continue Reading
New research findings reveal that Web applications cyberattacks are rising continuously, with most attacks coming from Web application programming interfaces (Web API). Researchers are not differentiating the attacks against Web applications and actual cyberattacks that are using Web APIs. However, they believe that the rise of attacks against Web applications is majorly coming from APIs brought by application servers. The attacks on...Continue Reading
According to researchers, a Brazil-based e-commerce firm has accidentally exposed two billion worth of records, including seller’s and client’s confidential and personal information, after a wrong configuration in an Elasticsearch server. The researcher team who identified the misconfiguration discovered it last June of this year and quickly traced the leak back to a firm that allows vendors to manage and...Continue Reading
Apache Airflow is an open-source platform that is popular among organizations. They use it in scheduling and managing workflows. But according to researchers, misconfigurations in Apache Airflow can endanger credentials and other sensitive records to the internet and be involved in a possible cyber security risk. From the latest discovery of security researchers, there have...Continue Reading
According to Lacework analysts, Docker, Redis, SQL, and SSH have been the main targeted cloud servers in the last three months. As reported by Lacework’s 2021 Cloud Threat Report Volume 2, a lot of firms must now count cyber threat actors as their competitors. This is due to these two main reasons: cybercriminals are extending...Continue Reading
Ethical hackers and cybersecurity researchers disclosed more information on how multiple websites of the Indian government got hacked and breached. Just last month, researchers from the Sakura Samurai hacking group had discovered and disclosed their breach and findings via a large number of critical vulnerabilities on the cyber systems of the Indian government. The full...Continue Reading
The Chinese hacking group Stone Panda or APT10 has been identified as responsible for the attacks on Indian vaccine makers, as confirmed by a cybersecurity firm. The hacking group had identified flaws and vulnerabilities in the IT infrastructure and software supply chain of the world’s largest vaccine maker companies, Serum Institute of India or SII...Continue Reading
Cybercrime has significantly increased every year, which is directly proportional to the growth of technology. Factors attributed to this increase could be summed up due to the perpetrators’ persistent behaviour through new tactics like using Covid19 as theme and sophisticated applications. Cybercriminals are being backed up by governments and the victim’s open vulnerability. Different sectors...Continue Reading
Hackney Council in the United Kingdom allegedly has their sensitive private data stolen and published online three months after the reported serious ransomware attack that they encountered last October 2020 which have affected their IT systems and network. The publishing of the stolen data has been claimed by a cyber-crime group known as Pysa/Mespinoza. They had...Continue Reading
This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media.
If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.