Cloudflare Says It Mitigated Record 11.5 Tbps Volumetric DDoS Attack

News

Cloudflare Says It Mitigated Record 11.5 Tbps Volumetric DDoS Attack What Cloudflare reported Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps). Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits…

Silver Fox Abuses Microsoft-Signed WatchDog Driver amsdk.sys to Deploy ValleyRAT

News

Silver Fox Abuses Microsoft-Signed WatchDog Driver amsdk.sys to Deploy ValleyRAT Overview Security researchers attribute a Bring Your Own Vulnerable Driver (BYOVD) campaign to a threat actor known as Silver Fox that leverages a previously unknown vulnerable Windows kernel driver to neutralize endpoint defenses and deploy ValleyRAT. The vulnerable component is a 64-bit, validly signed kernel…

Zscaler Salesforce Breach Exposes Customer Support Data After Salesloft/Drift Vendor Compromise

News

Zscaler Salesforce Breach Exposes Customer Support Data After Salesloft/Drift Vendor Compromise What happened Cybersecurity firm Zscaler has disclosed a data breach after threat actors gained access to its Salesforce instance and extracted customer information, including the contents of support cases. According to Zscaler’s notification and reporting by BleepingComputer, the intrusion followed compromises at third‑party vendors…

Zscaler Customer Data Exposed After Attackers Accessed Salesforce Instance

News

Zscaler Customer Data Exposed After Attackers Accessed Salesforce Instance Summary of the incident Cybersecurity vendor Zscaler has disclosed a data breach in which threat actors gained access to its Salesforce instance and exfiltrated customer information, including the contents of support cases. Zscaler warned customers about the incident and said the breach followed the compromise of…

Amazon disrupts Russian APT29 campaign targeting Microsoft 365 accounts

News

Amazon disrupts Russian APT29 campaign targeting Microsoft 365 accounts Summary of the disruption Amazon has been reported to have disrupted an operation attributed to the Russian state-sponsored threat group known as Midnight Blizzard (also tracked as APT29) that sought access to Microsoft 365 accounts and tenant data. Researchers who investigated the activity described the disruption…

ScarCruft (APT37) Deploys RokRAT in “Operation HanKook Phantom” Targeting South Korean Academics

News

ScarCruft (APT37) Deploys RokRAT in “Operation HanKook Phantom” Targeting South Korean Academics Summary of the discovery Cybersecurity researchers at Seqrite Labs have identified a new phishing campaign attributed to ScarCruft, an actor widely reported as North Korea–linked and also tracked as APT37. Seqrite has codenamed the activity Operation HanKook Phantom. According to the report, the…