Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals Nov 21, 2023NewsroomRansomware-as-a-service The ransomware strain known as Play is now being offered to other threat actors “as a service,” new evidence unearthed by Adlumin has revealed. “The unusual lack of even small variations between attacks suggests that Read more…
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel Nov 06, 2023NewsroomCyber Attack / Online Security Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), Read more…
Azure Kubernetes Service (AKS) Threat Hunting | MSRC Blog As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also Read more…
Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2 | MSRC Blog Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487) impacts any internet exposed HTTP/2 endpoints. Read more…
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service Oct 28, 2023NewsroomPrivacy / Data Security New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary Read more…
Researchers Expose Prolific Puma’s Underground Link Shortening Service A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that’s offered to other threat actors for at least over the past four years. Prolific Puma creates “domain names with an RDGA Read more…