The U.S. National Wildfire Coordinating Group’s (NWCG) website was discovered hosting a JavaScript downloader used to deliver the infamous Cerber ransomware.
Legitimate tools used by IT/system administrators have become valuable cybercriminal targets because of the privilege they provide for greater network access. Here are some best practices for mitigating the abuse of sysadmin tools.
Hackers abused a bug in Instagram’s API and gained access to prominent users’ contact information. The company confirmed that email addresses and phone numbers were stolen.