Hacker, Threats & Malware, Vulnerabilities
January 13, 2023
Via: CSO OnlineThe Royal ransomware group is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, […]
Hacker, Mobile, Mobile security, Threats & Malware
January 10, 2023
Via: The Hacker NewsThe advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. “A copycat website, mimicking the Shagle service, […]
January 9, 2023
Via: TechRadarChatGPT continues filling the headlines – but this time for all the wrong reasons, experts have warned. Cybersecurity researchers from Check Point Research (CPR) have observed the tool being used by cybercriminals to improve – and sometimes build from scratch […]
January 6, 2023
Via: Security WeekActive since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug, and has been historically associated with the use of the ComRAT malware. Also known as Wauchos […]
January 3, 2023
Via: TechRadarRarely do we see cybercriminals engage in brand crisis management but it’s 2023 now and anything’s possible. An affiliate of the infamous LockBit ransomware-as-a-service program recently attacked SickKids.ca – the Hospital for Sick Children. SickKids is a major pediatric teaching […]
December 30, 2022
Via: Security AffairsThe Port of Lisbon is the third-largest port in Portugal and one of the main European ports due to its strategic location. The website of the port was hit by a cyber attack on December 25, in response to the […]
December 29, 2022
Via: TechRadarScammers are abusing Google Adwords, the search engine giant’s advertising platform, to spread malware to people looking for legitimate and popular software. Google’s safety measures are usually robust, but experts found that they managed to employ a workaround. The campaign […]
December 29, 2022
Via: Help Net SecurityLess sophisticated fraud — in which doctored identity documents are readily spotted — has jumped 37% in 2022, according to Onfido. Fraudsters can scale these attacks on an organization’s systems around the clock. It is estimated that the current global […]
December 28, 2022
Via: Security AffairsBitKeep was the victim of a supply chain attack that resulted in the theft of over $9 Million worth of digital currencies from its customers. The attack took place on December 26, threat actors were able to distribute tainted versions […]
December 27, 2022
Via: Dark ReadingLast week Okta announced a security breach that involved an attacker gaining access to its source code hosted in GitHub. That’s just the latest example in a long string of attacks gaining access to company source code in GitHub. Dropbox, […]
December 27, 2022
Via: The Hacker NewsBlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and […]
December 27, 2022
Via: TechRadarJust when you thought the various controversies surrounding Twitter were winding down, a hacker claims to be selling the data of 400 million users. The data is said to have been captured in 2021, and was obtained using an API […]
December 27, 2022
Via: Security AffairsBTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the […]
December 22, 2022
Via: The Hacker NewsOkta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. “There is no impact to any customers, including any HIPAA, FedRAMP […]
December 14, 2022
Via: Dark ReadingAn analysis of threats encountered by four organizations has identified the most common techniques used by attackers to compromise systems, infiltrate networks, and steal data, according to data analysts at Splunk, which published details of the research on Dec. 14. […]
December 8, 2022
Via: TechRadarA new set of web skimming attacks have been discovered by JavaScript monitoring company Jscrambler, including attacks using methods that are reportedly unrecognizable. In a blog post(opens in new tab), the company outlined how it detected a web skimming attack […]
November 30, 2022
Via: CSO OnlineRansom Cartel, a ransomware-as-a-service (RaaS) operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti. Believed to have launched in December 2021, Ransom Cartel has made victims of organizations […]
Hacker, Mobile, Mobile security, Threats & Malware
November 28, 2022
Via: Security WeekAn advanced persistent threat (APT) actor focused on cyberespionage, Bahamut was initially detailed in 2017, but continues to be active, leveraging a fake online empire of social media personas, websites, and applications, which has allowed it to fly under the […]
November 17, 2022
Via: Security Affairs“Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.” […]
November 11, 2022
Via: CSO OnlineThe Australian Federal Police has revealed that those responsible for the data breach of Australian private health insurer Medibank are in Russia. On October 13, Medibank paused trading in the Australian Securities Exchange and announced there had been a “cyber […]