This week it was revealed that a huge credential stuffing attack had cost sports betting organization DraftKings $300,000. More specifically, cyber-crooks had used credential stuffing to gain access to many DraftKings customer accounts via a large-scale account takeover (ATO) attack and withdrawn funds. DraftKings has subsequently reimbursed the affected accounts, leaving the business out of pocket rather than its customers.
LogSentinel’s operational security platform ( SIEM, XDR & SOAR) continuously optimizes the models of specialized threat systems and has created eight layers of anti-threat weapons. Based on the characteristics of user behavior and traffic analysis, the series of local anti-threat modules form an iron wall to prevent telecommunication and network threats and protect the safety of users’ communications and property.
Supply Chain attacks are not new, but this past year they received much more attention due to high profile vulnerabilities in popular dependencies. Generally, the focus has been on the dependency attack vector. This is when source code of a dependency or product is modified by a malicious actor in order to compromise anyone who uses it in their own software.
Cyber threats are a big deal in today’s society. It seems like every other day, there is a new scam or cyber attack that is making the rounds. In this blog post, we will take a look at some of the biggest threats and scams that you need to be aware of. We will also discuss how to protect yourself from these attacks.
Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and the United States’ government website whitehouse.gov. Starlink is a satellite internet service company operated by SpaceX. In 2019, SpaceX began launching Starlink satellites, and as of September 2022 is reported to have launched more than 3,000 satellites into low-Earth orbit (LEO).
Vice Society, the cybercriminal gang responsible for the attack, is believed to have used internal login credentials leaked on the dark web to access LAUSD’s network and launch the ransomware attack. Twenty-three internal LAUSD credentials were leaked on the dark web leading up to the attack, with at least one set granting access to LAUSD’s Virtual Private Network (VPN).
Cryptomining attacks are becoming more notable in-line with the rise of blockchain and cryptocurrencies, so detecting cryptomining has become a high priority. Security researchers have found data breaches related to various cryptominer binaries running within victims’ infrastructures. The default openness of Kubernetes clusters and the availability of the extensive compute power required for mining makes Kubernetes clusters a perfect target for cryptomining attacks.