Category

Website Protection

Website Protection Page 1

Alibaba Elastic Compute Service ECS Cryptomining Malware Crypto Hijack Cloud Computing

Alibaba Elastic Compute Service exploited by a Cryptomining Malware

Recently, malicious threat actors were observed infiltrating Alibaba Elastic Compute Service (ESC) instances to install crypto-miner malware and to also gather server resources for their benefit. Alibaba’s Elastic Computing Service is endorsed as a fast memory, Intel CPUs, and low-latency operations. The ECS’s purpose is to protect against malware like crypto miners by having a...
Continue Reading
Espionage Campaigns North Korean Hackers Asia Malware Attacks Threat Actors TA406

Espionage campaigns of North Korean hackers intensifies

Recently, a North Korean threat actor named TA406 has increased the number of their attacks this year. According to reports, they focus their attacks, particularly in credential exfiltration campaigns. The researchers identified multiple malicious threat groups such as Konni, Kimsuky, and Thallium that might be linked to TA406, targeting numerous governments, media, research, healthcare, industries,...
Continue Reading

Threat actors boost Web APIs to execute cyberattacks

New research findings reveal that Web applications cyberattacks are rising continuously, with most attacks coming from Web application programming interfaces (Web API). Researchers are not differentiating the attacks against Web applications and actual cyberattacks that are using Web APIs. However, they believe that the rise of attacks against Web applications is majorly coming from APIs brought by application servers.  The attacks on...
Continue Reading
E-Commerce Firm Exposed Data Personal Information Brazil online shopping selling banking transaction

An E-Commerce firm exposed billions worth of Personal Information

According to researchers, a Brazil-based e-commerce firm has accidentally exposed two billion worth of records, including seller’s and client’s confidential and personal information, after a wrong configuration in an Elasticsearch server.  The researcher team who identified the misconfiguration discovered it last June of this year and quickly traced the leak back to a firm that allows vendors to manage and...
Continue Reading
Cyber security risks server misconfigurations Apache Airflow Platforms

Cyber security risks threaten organizations that perform misconfigurations to Apache Airflow Platforms

Apache Airflow is an open-source platform that is popular among organizations. They use it in scheduling and managing workflows. But according to researchers, misconfigurations in Apache Airflow can endanger credentials and other sensitive records to the internet and be involved in a possible cyber security risk.  From the latest discovery of security researchers, there have...
Continue Reading
Admin credentials targeted cybercriminals cloud server cyberattacks

Admin credentials are targeted by cybercriminals to improve attacks against cloud servers

According to Lacework analysts, Docker, Redis, SQL, and SSH have been the main targeted cloud servers in the last three months.  As reported by Lacework’s 2021 Cloud Threat Report Volume 2, a lot of firms must now count cyber threat actors as their competitors. This is due to these two main reasons: cybercriminals are extending...
Continue Reading
ethical hackers researchers hacked indian government critical vulnerabilities flaws

Researcher team hacked Indian government websites by using exposed git and env files

Ethical hackers and cybersecurity researchers disclosed more information on how multiple websites of the Indian government got hacked and breached. Just last month, researchers from the Sakura Samurai hacking group had discovered and disclosed their breach and findings via a large number of critical vulnerabilities on the cyber systems of the Indian government. The full...
Continue Reading
SII Bharat Biotech Stone Panda APT10 Chinese State Hackers

SII and Bharat Biotech, Covid19 vaccine makers targeted by Chinese hackers

The Chinese hacking group Stone Panda or APT10 has been identified as responsible for the attacks on Indian vaccine makers, as confirmed by a cybersecurity firm. The hacking group had identified flaws and vulnerabilities in the IT infrastructure and software supply chain of the world’s largest vaccine maker companies, Serum Institute of India or SII...
Continue Reading
financial services finance industry sector covid19 cyberattacks fraud prevention

Financial Services suffer cyber-attacks related to Covid19

Cybercrime has significantly increased every year, which is directly proportional to the growth of technology. Factors attributed to this increase could be summed up due to the perpetrators’ persistent behaviour through new tactics like using Covid19 as theme and sophisticated applications. Cybercriminals are being backed up by governments and the victim’s open vulnerability. Different sectors...
Continue Reading
hackney council UK London Compromised Data Stolen Data Published Pysa

Data Stolen from Hackney Council in London published online

Hackney Council in the United Kingdom allegedly has their sensitive private data stolen and published online three months after the reported serious ransomware attack that they encountered last October 2020 which have affected their IT systems and network.   The publishing of the stolen data has been claimed by a cyber-crime group known as Pysa/Mespinoza. They had...
Continue Reading
1 2 3 4