GitHub has become a major platform that cybercriminals use for various attack methods such as payload delivery, dead drop resolution (DDR), C2 (Command and Control) and exfiltration. T This is because GitHub is considered legitimate traffic, which threat actors can…
Category: EN
Inferno Drainer Spoofs Over 100 Crypto Brands to Steal $80m+
Group-IB report lifts the lid on infamous crypto-drainer malware Inferno Drainer This article has been indexed from www.infosecurity-magazine.com Read the original article: Inferno Drainer Spoofs Over 100 Crypto Brands to Steal $80m+
Integrating Zscaler ZIA with Sekoia.io
In September 2023, the Sekoia.io team embarked on a new intake development to integrate Zscaler ZIA logs into our SOC platform. After implementing Zscaler integration with a wide range of supported logs, events, and related built-in rules, our team shifted…
Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme “leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers’…
Russian Hackers Orchestrate Ukrainian Telecom Giant Attack
In a recent revelation by Ukraine’s top cyber official, Illia Vitiuk, it has been unveiled that the cyberattack on Kyivstar, Ukraine’s largest telecom operator, had its roots embedded months before the notorious December hack. The Ukrainian Telecom Giant attack, attributed…
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend…
Mastermind Hacker Behind $2 Million Crypto Scam Arrested
The 29-year-old man was arrested in Mykolaiv, Ukraine, for using hacked accounts to create 1 million virtual servers to illegally mine cryptocurrency. It is estimated that the suspect has mined cryptocurrency worth over USD 2 million (or EUR 1.8 million). The…
Cyber Attack on Telecommunications Company
Isn’t it fascinating that the most expensive consequence of a cyber attack is information loss, which accounts for 43 percent of the overall costs incurred? The telecom sector, which includes the telephones, internet, cables, and aircraft, are the backbone of…
How does technology impact well-being? Cisco and OECD will launch a global study to find out.
Cisco announces a partnership with the OECD to study well-being in the digital age. Our joint initiative will examine the complex nature of digital transformation, its role as both a catalyst for progress and a source of potential risk to…
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat
Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the…
Ransomware attacks witnessed 55% surge in 2023
The conclusion of the year 2023 witnessed an alarming 55% surge in ransomware attacks, as reported by Cyberint, a company specializing in threat intelligence services. In comparison to the preceding year’s 2034 victims, ransomware gangs targeted approximately 4356 victims in…
Critical Apache OFBiz Zero-day AuthBiz (CVE-2023-49070 and CVE-2023-51467)
Cybersecurity researchers recently uncovered a critical flaw in the widely used Apache OFBiz Enterprise Resource Planning (ERP) system, CVE-2023-51467. The zero-day vulnerability CVE-2023-51467 poses a significant threat, boasting a CVSS. The post Critical Apache OFBiz Zero-day AuthBiz (CVE-2023-49070 and CVE-2023-51467)…
10 cybersecurity frameworks you need to know about
As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the…
3 ways to combat rising OAuth SaaS attacks
OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the…
Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations
Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities. “We’ve crafted…
Geopolitical tensions combined with technology will drive new security risks
Misinformation and disinformation are biggest short-term risks, while extreme weather and critical change to Earth systems are greatest long-term concern, according to the Global Risks 2024 Report from the World Economic Forum. Against a backdrop of systemic shifts in global…
China’s gambling crackdown spawned wave of illegal online casinos and crypto-crime in Asia
‘Inaccessible and autonomous armed group territories’ host crooks who use tech to launder cash, run slave scam gangs, and more Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using…
Ontario city the latest to temporarily lose control of its X account
As in several other recent attacks after taking over and re-naming the account the hacker posted links to cryptocurr This article has been indexed from IT World Canada Read the original article: Ontario city the latest to temporarily lose control…
Warren (Ohio) PD Launches Mark43 Records Management System
Mark43, a leading cloud-native public safety software company that took home Top Awards for Best Disaster Preparedness and Disaster Recovery Solution in the 2023 ‘ASTORS’ Homeland Security Awards Program, is pleased to announce the official deployment of its Records Management…
The Cyber Risk Nightmare and Financial Risk Disaster of Using Personal Messaging Apps in The Workplace
By Anurag Lal, President and CEO of NetSfere Using personal messaging apps for business communication and collaboration is harmless – right? Wrong. This practice, which is unfortunately still widespread in […] The post The Cyber Risk Nightmare and Financial Risk…