Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances

07/06/2024 0 Comments 0 tags

The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. “The

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

06/06/2024 0 Comments 0 tags

The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to co-opt susceptible servers and expand its scale. “Muhstik is a

Third-Party Cyber Attacks: The Threat No One Sees Coming – Here’s How to Stop Them

06/06/2024 0 Comments 0 tags

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors

Google Maps Timeline Data to be Stored Locally on Your Device for Privacy

06/06/2024 0 Comments 0 tags

Google has announced plans to store Maps Timeline data locally on users’ devices instead of their Google account effective December 1, 2024. The changes were originally announced by the tech

Hackers Exploit Legitimate Packer Software to Spread Malware Undetected

06/06/2024 0 Comments 0 tags

Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. “The majority

Prevent Account Takeover with Better Password Security

06/06/2024 0 Comments 0 tags

Tom works for a reputable financial institution. He has a long, complex password that would be near-impossible to guess. He’s memorized it by heart, so he started using it for

Hackers Target Python Developers with Fake “Crytic-Compilers” Package on PyPI

06/06/2024 0 Comments 0 tags

Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that’s designed to deliver an information stealer called Lumma (aka LummaC2). The package in

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

05/06/2024 0 Comments 0 tags

Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

05/06/2024 0 Comments 0 tags

Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the

Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

05/06/2024 0 Comments 0 tags

An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as