The flaw is a Windows LSA Spoofing vulnerability actively exploited in the wild. The vulnerability can be exploited by an unauthenticated attacker to force a domain controller to authenticate against another server using NTLM.
The Hive ransomware operation has been active since June 2021. It runs as Ransomware-as-a-Service and adopts a double-extortion model, threatening to publish data stolen from victims on its leak site (HiveLeaks).
The number of cyberattacks continues to increase, as does their level of sophistication. For this reason, the behavior of each actor in the cyber arena is becoming a national security concern for every government.
Today, the group has announced multiple targets for coordinated DDoS attacks. The resources to be attacked are distributed between so-called “units” made up of members and volunteers who joined previous and current campaigns.
The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek, who is accused of having carried out a cyber-espionage attack against the NATO think tank Joint Air Power Competence Center in Germany.
One of the typical phishing page scenarios observed in a recent campaign is a fake billing notification sent on behalf of SendGrid, a Colorado-based customer communication platform for transactional and marketing email.
The hacker conducted a phishing attack, setting up a phishing site that impersonated the official BAYC site and claimed that BAYC, MAYC, and OthersideMeta holders were able to claim a free NFT for a short period of time.