DDoS Attack

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS Read more…

Data Exfiltration

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration Oct 02, 2024Ravie LakshmananCyber Espionage / Cloud Security A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in Read more…

India-Linked Hackers

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities Sep 26, 2024Ravie LakshmananCloud Security / Cyber Espionage An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare Read more…

Phishing Scheme

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, Read more…

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads Aug 23, 2024Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. “This memory-only Read more…

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. “WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads,” Read more…

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. “We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing Read more…