A recent study on HTTP header injection was published by PortSwigger’s director of research, James Kettle. Host Header Injection is frequently underrated and incorrectly…
Latest posts - Page 18
exploit code
Online Exploitation of Over 39,000 Unauthenticated Redis Instances
An unknown attacker tried to install a bitcoin miner on tens of thousands of unauthenticated Redis servers that were accessible via the internet. If…
web app attacks
Chromium’s prototype pollution bug disregarded the Sanitizer API
The problem illustrates difficulties in blocking client-side assaults. An attack-bypassing Sanitizer API, a built-in browser library for eliminating potentially harmful code from user-controlled input…
Malware
Reward points: Scam mobile banking incentives apps tempt users to download RATs that steal personal information on Android smartphones.
Our examination of a fresh iteration of previously disclosed Android malware that steals user information through Reward points scam. They are also distributed through…
LinkedIn
Use of LinkedIn Smart Links in cunning email phishing scams
Phishing actors are successfully rerouting targeted users to phishing pages that collect payment information by leveraging LinkedIn’s Smart Link function to get beyond email…
hacker attack
From the cryptocurrency market creator Wintermute, hackers steal $162 million.
Evgeny Gaevoy, the CEO of Wintermute, said that the company had been hacked and had lost $162.2 million in DeFi operations. Over 50 cryptocurrency…
phishing attack
Phishing attacks using Microsoft 365 pose as US government agencies.
A continuous phishing attacks that targets U.S. government contractors has grown in scope and is now pushing more effective lures and documents. These phishing…
cyber breach
Uber attributes a recent security breach to the LAPSUS$ hacking group
Uber provided additional information on the security problem that occurred last week on Monday. Uber attributed the attack to a threat actor it thinks…
cyberattack
FBI Warns of Increase in Payment Scams in the Healthcare Sector
Cybercriminals use phishing and social engineering to divert payments. FBI Warns of Increase in Payment Scams in the Healthcare Sector. The FBI alerts the…
Ransomware gang
Quantum and BlackCat Ransomware Distribution Started by the Emotet Botnet
Following Conti’s official retirement from the threat scene this year, ransomware-as-a-service (RaaS) organizations like Quantum and BlackCat Ransomware are now using the Emotet malware.…