A proxy phishing is a method of attack that aims to make you visit a malicious link through trusted/reputable websites.
For phishing attacks based on this proxy method, it is most commonly done by abusing the open redirect feature of services such as Google Translate and Bing.
A BEC (Business Email Compromise) attack is a cash-oriented type of cyber fraud that targets companies that work with foreign suppliers and make bank transfers. The attacker somehow obtains the email address of a company executive or an employee responsible for financial transactions, whether corporate or public. They then hunt for words such as request, payment, transfer and urgent in email messages. In the final phase, they try to deceive individuals by impersonating them and inserting themselves into conversations in order to transfer the money to their own account.
WhiteSnake Stealer is a stealer malware sold on underground hacker/cybercrime forums, first observed in early February of 2023. It has been developed in .NET language and can run on Windows and Linux as a cross-platform.
Joomla is used in many websites as a popular content management system. On February 16, 2023, a critical vulnerability with the identifier “CVE-2023-23752” was announced for Joomla. This vulnerability allows unauthorized users to access sensitive information on the website.
Cyber Threat Intelligence (CTI) is a cyber security approach that focuses on gathering information by analyzing both current and potential risks/attacks that threaten the security of a company or organization’s physical and digital assets. CTI teams enable the organizations they serve to take action as soon as possible with the information they provide.
A heap buffer underflow vulnerability has been identified in the management interface of Fortinet’s FortiOS and FortiProxy products. CVSSv3 score was determined as 9.3 of the vulnerability tracked by code CVE-2023-25610.
This security vulnerability allows threat actors to unauthorized code/commands execution or perform DoS attacks with specially generated with HTTP requests.
This cyber threat intelligence report stats prepared by Cyberthint, which includes important cyber incidents that took place in 2022 at the global level, cases encountered by Cyberthint & Seccops teams, observations and analysis, also includes threat predictions for 2023.
The term “vulnerability intelligence” refers to data that may be used to better prepare businesses for any possible dangers they may face. Information regarding the cybersecurity landscape may be both particular, like details about software bugs that might be exploited, and broad, like trends in the industry.
Rapid access to information on the Who, What, Why, When, and How of an event is necessary for a successful response to occurrences. By giving you the necessary context for your enemies’ TTPs ((Adversary) tactics, techniques, and procedures), motives, and goals, Cyberthint serves as an extension of your team and helps you be more proactive.
Cyberthint crawl the web for stolen credit card information sold on underground markets.