A cybersecurity threat known as a sitting duck exploit is thought to be putting more than one million websites at risk of attack, according to threat intelligence analysts.
The fact that the attack methodology remains underreported could be the reason why Infoblox security researchers called the discovery of multiple hackers using the vulnerability across widespread cyber attacks eye-opening. Here’s what you need to know. The sitting duck cyber attacks are, Infoblox said, “easy to execute for actors, hard to detect for security teams.” To understand why you need to look at what vulnerability such an attack exploits. “The attack takes advantage of misconfigurations in the Domain Name System settings for an internet domain,” the threat intelligence analysts said, “specifically when the domain server points to the wrong authoritative name server.”
Read more…
Source: Forbes News
Related:
- UK: Personal data stolen in cyber-attack on council
January 16, 2025
Gateshead Council said it is not known how many residents have been affected by the attack, which happened in the early hours of 8 January. Officials at the authority have advised people to watch out for phishing emails or fraudulent activity, and to change passwords if they are concerned about suspicious activity. The council said it ...
- Multi-Vector DDoS Attacks: What They Are and How to Stay Protected
January 15, 2025
Multi-vector DDoS attacks have emerged as one of the biggest challenges in cybersecurity today. The number of such incidents has been growing significantly year over year. In this article, we’ll break down what multi-vector attacks are, how they work, and why they’re such a pressing threat. As DDoS attacks evolve, it becomes increasingly difficult to combat ...
- Hackers are exploiting a new Fortinet firewall bug to breach company networks
January 14, 2025
Security researchers say malicious hackers have been exploiting a newly discovered vulnerability in Fortinet firewalls to break into corporate and enterprise networks. In an advisory published Tuesday, security product maker Fortinet confirmed that a critical-rated vulnerability in its FortiGate firewalls, tracked as CVE-2024-55591, is “being exploited in the wild.” Fortinet made patches available, but security researchers ...
- Patch Tuesday – January 2025
January 14, 2025
Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them as critical severity ...
- One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks
January 13, 2025
When launching and persisting attacks at scale, threat actors can inadvertently leave behind traces of information. They often reuse, rotate and share portions of their infrastructure when automating their campaign’s setup before launching an attack. Defenders can leverage this behavior by pivoting on a few known indicators to uncover newer infrastructure. This article describes the benefits ...
- Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions
January 13, 2025
Microsoft Threat Intelligence discovered a new macOS vulnerability that could allow attackers to bypass Apple’s System Integrity Protection (SIP) in macOS by loading third party kernel extensions. SIP is a security technology that restricts the performance of operations that may compromise system integrity; thus, a SIP bypass affects the overall security of the operating system. Bypassing ...