Threat Post

Update: GoDaddy Breach Widens to Include Reseller Subsidiaries

The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress services were also affected.

Ransomware Phishing Emails Sneak Through SEGs

Researchers are raising the alarm over a phishing email kicking off a Halloween-themed MICROP ransomware offensive, which they observed making its way to a target’s inbox despite its being secured by an SEG.

New Spear-Phishing Campaign Exploits Glitch Platform to Steal Employee Credentials

The campaign appears to be targeting only employees working in the Middle East as “a single campaign” in a series of similar, SharePoint-themed phishing scams, researcher Chad Anderson wrote.

Netflix Bait: Phishers Target Streamers with Fake Service Signups

Kaspersky’s researchers observed various lures aimed at targets, depending on their current streaming subscription status. Fake sign-up pages were used to pry email addresses and credit-card data.

Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access

A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.

Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have developed an exploit to gain remote code execution via a massive vulnerability in a security appliance from Palo Alto Networks, potentially exposing 10,000 vulnerable firewalls.

Multiple BusyBox Security Bugs Threaten Embedded Linux Devices

Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux apps, all of which allow for denial of service and 10 of which also enable remote code execution.

DDoS Attacks Shatter Records in Q3, Report Finds

The surge in DDoS attacks signals a redistribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation, and extortion.

Newly Discovered Initial Access Broker Partners with MountLocker, Phobos, and StrongPity APT

The discovery of the common initial access broker has revealed a tangled web of related attack infrastructure underpinning disparate (and in some cases rival) malware campaigns.

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

CISA is urging vendors to patch, given the release of public exploit code and a proof-of-concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.
