Domain Hijacking | Breaking Cybersecurity News | The Hacker News

A new DNS threat actor dubbed  Savvy Seahorse  is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. "Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia," Infoblox  said  in a report published last week. Targets of the campaigns include Russian, Polish, Italian, German, Czech, Turkish, French, Spanish, and English speakers, indicating that the threat actors are casting a wide net in their attacks. Users are lured via ads on social media platforms like Facebook, while also tricking them into parting with their personal information in return for alleged high-return investment opportunities through fake ChatGPT and WhatsApp bots. The financial scam campaigns are notable for using DNS canonical name (CNAME) records to create a traffic distribution system ( TDS ), thereby allowing threat a

More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit package delivery alerts to outright phishing for account credentials." The Israeli security company attributed the campaign to a threat actor it calls  ResurrecAds , which is known to resuscitate dead domains of or affiliated with big brands with the end goal of manipulating the digital advertising ecosystem for nefarious gains. "'ResurrecAds' manages an extensive infrastructure encompassing a wide array of hosts, SMTP servers, IP addresses, and even private residential ISP connections, alongside many additional owned domain names," security researchers Nati Tal and Ole

Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year's report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial Exposure Validation (AEV). These category definitions are aimed at providing some structure to the evolving landscape of exposure management technologies. Pentera, listed as a sample vendor in the newly defined AEV category, is playing a pivotal role in increasing the adoption of CTEM, with a focus on security validation. Following is our take on the CTEM related product categories and what they mean for enterprise security leaders. The Industry is Maturing CTEM, coined by Gartner in 2022, presents a structural approach for continuously assessing, prioritizing, validating, and remediating expo