Polymath Central

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

November 14, 2024

Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and investment fraud schemes for…

Cybersecurity

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

November 14, 2024

Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. “Cloaking is specifically designed to prevent moderation systems and teams…

Cybersecurity

5 BCDR Oversights That Leave You Exposed to Ransomware

November 14, 2024

Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in…

Cybersecurity

TikTok Pixel Privacy Nightmare: A New Case Study

November 14, 2024

Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of…

Cybersecurity

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse

November 14, 2024

Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the…

Cybersecurity

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

November 14, 2024

A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability…

Cybersecurity

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

November 13, 2024

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group…

Cybersecurity

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

November 13, 2024

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s…

Cybersecurity

Comprehensive Guide to Building a Strong Browser Security Program

November 13, 2024

The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies…

Cybersecurity

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

November 13, 2024

A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting…