PossibleThreat Articles – Page 3 – Articles for the experts…

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 06 Feb 2025 18:00:00 +0000

Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and building protections against this activity, we observed an insecure practice whereby developers have incorporated various publicly disclosed ASP.NET machine keys from publicly accessible resources, such as code documentation and repositories, which threat actors have used to launch ViewState code injection attacks and perform malicious actions on target servers.

The post Code injection attacks using publicly disclosed ASP.NET machine keys appeared first on Microsoft Security Blog.

MalwareBytes Security

New scams could abuse brief USPS suspension of inbound packages from China, Hong Kong

February 6, 2025 0 Comments news, scams, usps

News about USPS suspending shipments from China and Hong Kong may give scammers some ideas to defraud consumers

Security Wired

DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers

February 6, 2025 0 Comments politics / politics news, Security, Security / National Security

Credit to Author: Andy Greenberg, David Gilbert, Lily Hay Newman| Date: Thu, 06 Feb 2025 07:30:20 +0000

Experts question whether Edward Coristine, a DOGE staffer who has gone by “Big Balls” online, would pass the background check typically required for access to sensitive US government systems.

Security Wired

The Collapse of USAID Is Already Fueling Human Trafficking and Slavery at Scammer Compounds

February 6, 2025 0 Comments politics / policy, Security, Security / Cyberattacks and Hacks, Security / Security News

Credit to Author: Matt Burgess, Lily Hay Newman| Date: Wed, 05 Feb 2025 17:33:53 +0000

The dismantling of USAID by Elon Musk’s DOGE and a State Department funding freeze have severely disrupted efforts to help people escape forced labor camps run by criminal scammers.

MalwareBytes Security

University site cloned to evade ad detection distributes fake Cisco installer

February 5, 2025 0 Comments Cybercrime

Malvertisers got inspired by the website for a German university to bypass ad security and distribute malware.

Security Sophos

Scalable Vector Graphics files pose a novel phishing threat

February 5, 2025 0 Comments .svg, featured, phishing, scalable vector graphics, Spam, threat research

Credit to Author: Andrew Brandt| Date: Wed, 05 Feb 2025 17:01:03 +0000

The SVG file format can harbor malicious HTML, scripts, and malware

MalwareBytes Security

Small business owners, secure your web shop

February 5, 2025 0 Comments Business, credentials, magento, news, phishing, shopify, skimmer, web shop

Web shops are an attractive target. How can SMBs keep theirs safe?

Security Wired

Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year

February 5, 2025 0 Comments Security, Security / Cyberattacks and Hacks, Security / Security News

Credit to Author: Andy Greenberg, Lily Hay Newman| Date: Wed, 05 Feb 2025 13:00:00 +0000

Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars.

MalwareBytes Security

Valley News Live exposed more than a million job seeker’s resumes

February 4, 2025 0 Comments aws bucket, news, Privacy, resume, valley news live

Valley News Live exposed more than a million job seeker’s resumes through an open AWS S3 bucket

Independent Krebs Security

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

February 4, 2025 0 Comments 1337 services gmbh, A Little Sunshine, as210558, Breadcrumbs, constella intelligence, cracked, domaintools, dreamdrive gmbh, finn alexander grimpe, finn@shoppy.gg, finndev, florian, florian marzahl, hrb 164175, intel 471, lucas sohn, northdata.com, nulled, olivia.messla@outlook.de, operation talent, sellix, shoppy ecommerce ltd, starkrdp

Credit to Author: BrianKrebs| Date: Tue, 04 Feb 2025 17:09:16 +0000

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of e-commerce platforms catering to buyers and sellers on both forums.