Author: HackWatchit

Nick has been tinkering with technology for the last 20 years in both professional and personal capacities. He has held a variety of technical roles and has experience with an array of software and hardware solutions used in enterprise environments. As a security analyst for Black Hills Information Security, Nick continues to pursue his passion of learning how a systems works, how to misuse it, and how to protect it. GoPhish provides a nice platform for creating and running phishing campaigns. This blog will guide you through installing GoPhish and creating a campaign.  For this blog we will target our…

Snow, sleet and freezing rain were expected to continue pummeling the central Appalachians and mid-Atlantic states Wednesday, while California readied for a storm that could flood areas ravaged by the recent wildfires. Especially heavy snowfall — up to nearly 14 inches (25 centimeters) — was expected in parts of Virginia and West Virginia, according to the National Weather Service. Ice accumulations could reach more than a third of an inch (8.4 millimeters) in Stanleytown, Virginia, and a quarter of an inch (6.3 millimeters) in Glendale Springs, North Carolina. In California, an atmospheric river — a long band of water vapor…

A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. The hackers deployed the RA World ransomware against an Asian software and services company and demanded an initial ransom payment of $2 million. Researchers from Symantec’s Threat Hunter Team observed the activity in late 2024 and highlight a potential overlap between state-backed cyber espionage actors and financially motivated cybercrime groups. “During the attack in late 2024, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks,”…

This is the fourth in our series of blogs about the quantum threat. Our most recent post, The Impacts of Government Regulations on PQC Product Availability, discussed government standards for Post-Quantum Computing (PQC) and their impact on PQC adoption. As a diverse collection of stakeholders anticipates the maturing of PQC, the risks of Q-Day and Harvest Now, Decrypt Later (HNDL) cyberattacks remain a cause for concern. In this post, we will explore what’s available today for quantum-safe solutions, along with the viability and potential of Quantum Key Distribution (QKD), an emerging technology that spans the gap between the present and…

Torrance, United States / California, January 22nd, 2025, CyberNewsWire AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a global provider of software in education, to deliver its integrated cybersecurity solution, Criminal IP, to students and educational institutions. This strategic initiative aims to enhance cybersecurity awareness and protection in the education sector by offering internationally compliant solutions at affordable prices. Criminal IP will now extend its reach to educational institutions worldwide, reinforcing its growing presence in the global security market. Since its launch, Criminal IP has gained users in over 150 countries and formed strategic alliances…

Is your Mac running slower than usual? Apps or web pages going haywire for no discernible reason? Running low on disk space? Excess cache files might be to blame in each of these cases. In this guide, we’ll focus on how to clear cache on Mac devices to improve performance, free up space, and fix any pesky issues. Read on for quick tutorials on clearing your Mac system, user, browser, and DNS cache. We also offer some valuable tools to make the job easier, explain why you should clear your cache in the first place, and answer some topic-related questions…

New Astaroth Phishing Kit bypasses 2FA (two-factor authentication) to steal Gmail, Yahoo and Microsoft login credentials using a reverse proxy, real-time credential capture, and session hijacking. An advanced new phishing kit, dubbed Astaroth, has emerged on cybercrime networks, discovered by SlashNext Threat Researchers. According to SlashNext’s research, shared with Hackread.com ahead of its publishing, Astaroth is designed to bypass two-factor authentication (2FA) through a combination of session hijacking and real-time credential interception.  How Astorath Works? Astaroth operates by employing an evilginx-style reverse proxy (where a malicious server acts as an intermediary between the victim and a legitimate website). This technique…

Technology integration bolsters detection and response across entire security stack—helping to reduce mean time to contain to under five minutes. As organizations become increasingly complex, cloud infrastructure has become an essential component of their IT environments. While cloud infrastructure helps manage increases in dispersed data, it also exposes organizations to new threats that traditional security tools might not address. At the same time, cloud detection and response (CDR) tools are not always integrated with the rest of an enterprise’s security operations. Traditional approaches to CDR typically involve multiple technologies that don’t talk to each other. This creates data silos and…

Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that natively brings together new releases of its cloud detection and response (CDR) and cloud native application protection platform (CNAPP) capabilities on the unified Cortex platform. The new solution equips security teams with significant innovations powered by AI and automation that go beyond traditional “peace time” approaches to cloud security and stop attacks in real-time. Unit 42 reports reveal that 80% of security exposures were found in cloud attack surfaces, with a 66% increase in threats targeting cloud environments. As cloud adoption and AI usage grow, Cortex Cloud…