In late 2023 and early 2024, the ransomware ecosystem experienced repeated disruption of its most prolific Ransomware-as-a-Service (RaaS) groups at the hands of international Law Enforcement (LE). Alphv’s dark web data leak site was seized, then unseized, then re-seized in a December 2023 law enforcement operation that seemingly failed to deter the group – until AlphV ultimately claimed to disband via an apparent exit scam, immediately following a high-profile attack against Change Healthcare in March 2024. LockBit experienced a far more dramatic and well-marketed disruption, “Operation Cronos,” in February 2024, leading to the compromise of its infrastructure, internal operational details, and data. While LockBit has ostensibly continued operations, its highly publicized disruption raises the question of whether the group will be able to continue operating and attracting affiliates at the level they once enjoyed.
The U.S. Department of Justice in a lawsuit filed Thursday is accusing Apple of discarding user security and privacy protections as part of a broader effort to
When OpenAI CEO Sam Altman announced GPTs, custom chatbots powered by OpenAI's generative AI models, onstage at the company's first-ever developer
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
Fixing newly discovered side channel will likely take a major toll on performance.
The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels.
This joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, addresses the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques:
Volumetric, attacks aiming to consume available bandwidth.
Protocol, attacks which exploit vulnerabilities in network protocols.
Application, attacks targeting vulnerabilities in specific applications or running services.
Read the new Microsoft Threat Intelligence tax season report to learn about the techniques that threat actors use to mislead taxpayers.
Huntress recently detected interesting activity on an endpoint; a threat actor was attempting to establish a foothold on an endpoint by using commands issued via MSSQL to upload a reverse shell accessible from the web server. All attempts were obviated by MAV and process detections, but boy-howdy, did they try!
Within Rapid7 Labs we continually track and monitor threat groups. As part of this process, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat and mouse.
On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car.
Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.
Researchers at ESET say they spotted thousands of new infections with AceCryptor, which allows malware to slip into systems without being detected by anti-virus software.
Microsoft Copilot for Security will be generally available on April 1st. Read this blog to learn about new productivity research, product capabilities,..
A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.
Les suspects, âgés de 21, 22 et 23 ans, ont été arrêtés dimanche. L'attaque qu'ils sont soupçonnés d'avoir menée concerne potentiellement les données de 43 millions d'inscrits.
...Among these, russian-speaking dark web forums hold a unique position due to their extensive user base and the intricate of their operations.
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
The French government said it would seek “a national solution” to protect Atos, a debt-burdened company that serves nuclear programs and the military.
