A new hacker forum is taking a unique political stance to support Ukraine in its war with Russia, entertaining only topics and threat activity focused against Russia and Belarus, researchers have found.
Attackers employ evasive tactics to avoid detection, including one called “short-lived domains”—in which the domains used in the attack “stay alive for extremely short periods of time”–that deviates from typical phishing practices, researchers wrote.
Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects.
Of the 86 APTs that researchers investigated, only eight–Stealth Falcon, APT17, Equation, Dragonfly, Elderwood, FIN8, DarkHydrus and Rancor—exploited vulnerabilities that others didn’t, researchers found.
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. A Discord user with the handle “Portu” was found advertising this new password-stealing malware builder.
As adoption increases, so does the interest of cybercriminals. A June Red Hat survey found that a whopping 94 percent of respondents had suffered a Kubernetes security incident over the previous 12 months.
GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.