Read the original article: Flagstar Bank Suffers Data Breach US-based bank and mortgage lender Flagstar bank has disclosed that they suffered a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January of this year.…
Tag: Threat Watch – Binary Defense
Scammers Are Already Targeting the Next Round of Coronavirus Relief Checks
Read the original article: Scammers Are Already Targeting the Next Round of Coronavirus Relief Checks During the COVID-19 pandemic, criminals have flagrantly exploited unemployment and relief payments for fraud. Now, the new American Relief Act is expected to be passed…
New Ransomware Encrypts Files in Support of Indian Farmers
Read the original article: New Ransomware Encrypts Files in Support of Indian Farmers Since last year, many farmers in India have been protesting in New Delhi in opposition to new bills passed in 2020, which remove some of the restrictions…
Opportunistic Exploitation of Microsoft Exchange Vulnerabilities Growing
Read the original article: Opportunistic Exploitation of Microsoft Exchange Vulnerabilities Growing Since the revelation of four recently discovered vulnerabilities and following out-of-band updates for Microsoft Exchange, proof of concept exploits are growing in number and many of them have been…
Exchange 0-day attacks: Hundreds of Thousands of Exchange Servers Affected
Read the original article: Exchange 0-day attacks: Hundreds of Thousands of Exchange Servers Affected As originally reported by ZDNet and Brian Krebs, exploitation of the four Microsoft Exchange server vulnerabilities (CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858) has resulted in at least 30,000 compromised…
Pulse Secure and SuperMicro Announce Trickboot Vulnerabilities
Read the original article: Pulse Secure and SuperMicro Announce Trickboot Vulnerabilities SuperMicro and Pulse Secure have both issued advisories recently linking Trickboot to vulnerabilities discovered on certain products. TrickBoot is a new functionality within the TrickBot malware toolset capable of…
Cybercrime Forum Breaches Are a Common Theme in 2021
Read the original article: Cybercrime Forum Breaches Are a Common Theme in 2021 Four cybercrime forums are reported to have been breached in 2021. Information about users of cybercrime forums Verified, Crdclub, Exploit, and Maza have all been exposed in…
FTC Joins 38 States in Takedown of Massive Charity Robocall Operation
Read the original article: FTC Joins 38 States in Takedown of Massive Charity Robocall Operation The US Federal Trade Commission (FTC) shut down a major charity fraud scheme that reportedly received $110 million from victims. The scam utilized bots to…
Details of Two New Ransomware Types Released
Read the original article: Details of Two New Ransomware Types Released Trend Micro researchers have released the details of two new strains of ransomware they are currently following. The first ransomware has been named AlumniLocker and was released in February.…
Stolen SendGrid Accounts Used in Phishing Attacks
Read the original article: Stolen SendGrid Accounts Used in Phishing Attacks A phishing campaign that targets users of Outlook Web Access and Office 365 services has collected thousands of credentials. The attackers behind the campaign used hacked SendGrid accounts to…
BEC Scammers Take a New Approach to Large Payouts
Read the original article: BEC Scammers Take a New Approach to Large Payouts Business email compromise is one of the most common scamming techniques used today, and scammers always find new means to find a payday. Recently scammers have taken…
DHS Warns of Recent Exchange Vulnerabilities
Read the original article: DHS Warns of Recent Exchange Vulnerabilities The Department of Homeland Security (DHS) has issued Emergency Directive 21-02, warning of the recent vulnerabilities discovered in Microsoft’s Exchange server. According to the Cybersecurity & Infrastructure Security Agency (CISA),…
Microsoft Announces New Effort To Stop Excel Macros
Read the original article: Microsoft Announces New Effort To Stop Excel Macros Microsoft has announced the addition of Excel 4.0 XLM macro detection to its Antimalware Scan Interface (AMSI). As AMSI was previously only focused on Visual Basic for Applications…
APT RedEcho Targets India’s Power Sector
Read the original article: APT RedEcho Targets India’s Power Sector Security researchers at Recorded Future released an updated report detailing the China-linked threat group RedEcho and their active targeting of India’s Power Grid. Recorded Future noted similarities between the RedEcho…
Gootloader Abusing SEO to Deliver Malware
Read the original article: Gootloader Abusing SEO to Deliver Malware Sophos released a report yesterday detailing “Gootloader,” the JavaScript-based infection framework, and how it is currently abusing search engine optimization (SEO) to infect its victims. Gootloader is currently targeting victims…
ObliqueRAT Receives Steganographic Update
Read the original article: ObliqueRAT Receives Steganographic Update ObliqueRAT, a Remote Access Trojan that was first discovered in early 2020, has received an update that now disguises the payload in image files on compromised websites, according to an article published…
Working Spectre Exploit Found on VirusTotal
Read the original article: Working Spectre Exploit Found on VirusTotal On March 1, 2021, security researcher Julien Voisin documented his findings on two samples uploaded to VirusTotal that appear to exploit the hardware vulnerability CVE-2017-5753, also known as Spectre. In…
Phishing Campaign Targets AOL Users
Read the original article: Phishing Campaign Targets AOL Users An AOL-themed phishing scam is underway that is trying to steal users’ login names and passwords by warning recipients that their account is about to be closed. Most people use Gmail,…
Stolen User Account Information From Three of Android’s Largest VPNs For Sale
Read the original article: Stolen User Account Information From Three of Android’s Largest VPNs For Sale A user on a popular hacking forum is advertising that they will sell the details of user accounts from three different VPN services offered…
Gab Users Data Posted to DDoSecrets Website
Read the original article: Gab Users Data Posted to DDoSecrets Website Recent reports reveal that users of the social media platform Gab have had their information leaked by the group DDoSecrets. The Gab platform allows content to be posted without…
Fraud Overwhelms Pandemic-Related Unemployment Programs
Read the original article: Fraud Overwhelms Pandemic-Related Unemployment Programs States are scrambling to update security systems as another round of unemployment aid is on the horizon. Identity theft and unemployment fraud have risen to record highs, and oftentimes the…
Threat Groups Are Partnering to Fill Gaps
Read the original article: Threat Groups Are Partnering to Fill Gaps With the number of attacks rising throughout 2020 and 2021, researchers have noted another trend: “Malware as a Service” and partnerships to strengthen the chances of successful operations. As…
Oxford University Covid-19 Research Lab Targeted by Hackers
Read the original article: Oxford University Covid-19 Research Lab Targeted by Hackers ZDNet reported that the Oxford University’s Division of Structural Biology lab (aka “Strubi”) in the UK has confirmed that a security incident had occurred. Previously, a Forbes report…
Proof-of-Concept for vCenter Vulnerability Released
Read the original article: Proof-of-Concept for vCenter Vulnerability Released Shortly after VMware released a security advisory for CVE-2021-21972, proof-of-concept (PoC) code appeared online for exploiting vCenter. This vulnerability was originally found and reported to VMware by Mikhail Klyuchnikov of Positive…
Ukraine Reports Cyber Attack on Government Document Management System
Read the original article: Ukraine Reports Cyber Attack on Government Document Management System Ukrainian officials are reporting that Russian hackers compromised a government file sharing system. The Russian hackers uploaded malicious documents to the file sharing system in an attempt…
Michigan Healthcare Facility Breached
Read the original article: Michigan Healthcare Facility Breached Covenant Healthcare based in Saginaw, Michigan has disclosed a breach that could possibly affect around 45,000 patients. After partnering with third party security providers, the Covenant team revealed two compromised employee email…
Ransomware Gang Extorts Bombardier With Data Stolen from Accellion FTA
Read the original article: Ransomware Gang Extorts Bombardier With Data Stolen from Accellion FTA Business jet manufacturer Bombardier is the latest company to be extorted by the Cl0p ransomware gang after they exploited a zero-day vulnerability in Accellion FTA to…
Cisco Fixes Maximum Severity Authentication Bypass Vulnerability
Read the original article: Cisco Fixes Maximum Severity Authentication Bypass Vulnerability Cisco has addressed a maximum severity vulnerability in the API endpoint of their Cisco ACI Multi-Site Orchestrator (MSO). The flaw would allow a remote attacker to bypass authentication on…
LazyScripter Threat Group Targets Airlines with Open Source RATs
Read the original article: LazyScripter Threat Group Targets Airlines with Open Source RATs Originally reported by BleepingComputer, security researchers at Malwarebytes have identified a threat group targeting prospective Canadian immigrants, airlines, and the International Air Transport Association, since 2018. Nicknamed…
Researchers Identify a New Malware Builder: APOMacroSploit
Read the original article: Researchers Identify a New Malware Builder: APOMacroSploit A new macro tool has been observed creating weaponized Excel documents targeting over 80 organizations worldwide. APOMacroSploit creates highly obfuscated Excel documents capable of bypassing Gmail, Windows Antimalware Scan…
VMware Fixes Unauthenticated Remote Code Execution in vCenter
Read the original article: VMware Fixes Unauthenticated Remote Code Execution in vCenter VMware issued a security advisory on February 23rd for multiple vulnerabilities, including CVE-2021-21972, an unauthenticated remote code execution (RCE) vulnerability in VMware vCenter. The flaw was found by…
Scammers Threaten Texas Power Customers
Read the original article: Scammers Threaten Texas Power Customers As with any disaster, scammers will use any tragedy they can to trick people into giving them their money. Austin Energy has released warnings that scammers are calling Texas customers and…
Accellion FTA Exploited for Data Theft and Extortion Attempts
Read the original article: Accellion FTA Exploited for Data Theft and Extortion Attempts According to researchers from FireEye, a threat actor tracked by Mandiant as UNC2546 exploited multiple zero-days in Accellion’s legacy File Transfer Appliance (FTA). The goal of the…
Researcher Reveals DDoS Amplification Attack Vector in Powerhouse Management VPN
Read the original article: Researcher Reveals DDoS Amplification Attack Vector in Powerhouse Management VPN Independent researcher Phenomite has discovered a new attack vector that takes advantage of a flaw in Powerhouse Management VPN servers. The vector would allow for an…
Local, State and Federal Prosecutors Launch Georgia Cyber Fraud Task Force
Read the original article: Local, State and Federal Prosecutors Launch Georgia Cyber Fraud Task Force Prosecutors and law enforcement in Georgia are working together to combat Business Email Compromise (BEC) fraud schemes. The U.S. Attorney’s Office for the Northern District…
Google Alerts Service Is Being Abused to Spread Fake Flash Updates
Read the original article: Google Alerts Service Is Being Abused to Spread Fake Flash Updates Google Alerts is a service where users can monitor the web for keywords or phrases and be notified by email of new content. BleepingComputer has…
Python Receives an Update Amid RCE Release
Read the original article: Python Receives an Update Amid RCE Release On February 19th, the Python Software Foundation released Python 3.9.2, and 3.8.8 in order to address two security flaws, one of which can be exploited remotely. The release was…
macOS Malware “Silver Sparrow” is Compatible With The New M1 Chip
Read the original article: macOS Malware “Silver Sparrow” is Compatible With The New M1 Chip Although malware targeting Apple computers running macOS is less common than malware targeting Microsoft Windows, the threat is just as serious and potentially damaging, exposing…
FBI Warns of Telephony DDoS Attacks
Read the original article: FBI Warns of Telephony DDoS Attacks Recently the FBI released a warning in cooperation with the Internet Crime Complaint Center (IC3.gov) that documented the risks behind Telephony DDoS attacks. These types of attacks are essentially used…
Multiple Cities Disclose Data Breach After Vendor’s Ransomware Attack
Read the original article: Multiple Cities Disclose Data Breach After Vendor’s Ransomware Attack A ransomware attack against a widely used payment processor has forced data breach notifications from several cities in California and Washington. Automatic Funds Transfer Services (AFTS) is…
RIPE NCC targeted With Credential Stuffing Attack
Read the original article: RIPE NCC targeted With Credential Stuffing Attack RIPE NCC, a not-for-profit regional Internet Registry for Europe, the Middle East, and parts of Central Asia, has disclosed that they were the victim of a credential stuffing attack.…
Jamaica’s Immigration Website Exposed Thousands of Travelers’ Data
Read the original article: Jamaica’s Immigration Website Exposed Thousands of Travelers’ Data The Jamaican government contracted Amber Group to develop a website and app used to publish COVID-19 data and let residents self-report symptoms. The JamCovid19 website and app also acted…
Micro-patch Released for Internet Explorer Zero Day
Read the original article: Micro-patch Released for Internet Explorer Zero Day The team at Enki have discovered a vulnerability in Internet Explorer that has been used in campaigns targeting security researchers. The vulnerability has been exploited to use the browser’s…
Russian Military Intelligence Agency Targeting Outdated Versions of Centreon Software
Read the original article: Russian Military Intelligence Agency Targeting Outdated Versions of Centreon Software As an update to the previous report by the French Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) regarding several French hosting providers being attacked…
Ninja Forms WordPress Plugin Left One Million Sites Vulnerable
Read the original article: Ninja Forms WordPress Plugin Left One Million Sites Vulnerable Ninja Forms is a popular WordPress plugin for easily creating forms through its drag and drop designer without the need for coding anything by hand. With more…
US Indicts DPRK Hackers for $1.3 billion Theft
Read the original article: US Indicts DPRK Hackers for $1.3 billion Theft On February 17th, the US Department of Justice announced criminal charges against three North Korean (DPRK) government-backed hackers for thefts of cryptocurrency and funds from banks totaling around $1.3…
Shared SDK Vulnerability Allows Attackers to Infiltrate Calls on Multiple Applications
Read the original article: Shared SDK Vulnerability Allows Attackers to Infiltrate Calls on Multiple Applications In a report released by researchers at McAfee, a new bug tracked as CVE-2020-25605 can allow attackers to join audio and video calls without being…
QNAP Patches Critical Vulnerability in Surveillance Station App
Read the original article: QNAP Patches Critical Vulnerability in Surveillance Station App QNAP has addressed a critical security vulnerability in their Surveillance Station app that, if exploited, would allow an unauthorized user to execute malicious code remotely on a network-attached-storage…
CityBee Users Information Sold on Hacking Forum
Read the original article: CityBee Users Information Sold on Hacking Forum Eastern European ridesharing service CityBee had a large amount of customer information posted for sale on a hacking forum recently. Nearly 110,000 records were posted between February 15th and…
ScamClub Malvertising Leveraged Zero-Day Vulnerability in Browsers
Read the original article: ScamClub Malvertising Leveraged Zero-Day Vulnerability in Browsers Originally reported by BleepingComputer, the malvertising group ScamClub leveraged a zero-day vulnerability in the WebKit browser engine in order to distribute payloads that redirected to gift card scams through…
ANSSI Links Attacks Against French Hosting Providers to Russian Military Intelligence Agency
Read the original article: ANSSI Links Attacks Against French Hosting Providers to Russian Military Intelligence Agency The Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) has linked breaches against multiple French IT firms to the Sandworm hacking group, which…
NPM Package Repository Seeing Flood of Supply Chain Attack Attempts
Read the original article: NPM Package Repository Seeing Flood of Supply Chain Attack Attempts After recent reports of security researcher Alex Birsan compromising large companies like Microsoft, Apple, Paypal and Netflix through the NPM package repository, Sonatype has spotted over…
VMware Patches Command Injection Vulnerability in vSphere Replication
Read the original article: VMware Patches Command Injection Vulnerability in vSphere Replication VMware issued an advisory on February 11th warning customers that vSphere Replication “contains a post-authentication command injection vulnerability in the Startup Configuration page.” A threat actor with administrative…
French Hospital Hit with Egregor Ransomware
Read the original article: French Hospital Hit with Egregor Ransomware On February 8th, the Center Hospitalier de Dax-Côte d’Argent in France suffered a ransomware attack that locked hospital staff out of computers and phones, and forced the COVID-19 vaccination clinic…
Egregor Ransomware Members Arrested by Ukrainian, French Police
Read the original article: Egregor Ransomware Members Arrested by Ukrainian, French Police It has been reported that Ukrainian law enforcement officers have arrested several affiliate members of the Egregor ransomware gang. The operation was carried out with the assistance of…
Canadian Rental Car Company Targeted by DarkSide Ransomware
Read the original article: Canadian Rental Car Company Targeted by DarkSide Ransomware Canadian Discount Car and Truck Rentals has been targeted by the threat actors behind the DarkSide ransomware gang. The hackers claim to have stolen 120GB of data from…
Scammers Target U.S. Tax Professionals
Read the original article: Scammers Target U.S. Tax Professionals The Internal Revenue Service (IRS) has issued a warning that identity thieves are actively targeting U.S. tax preparation professionals in a series of phishing scams that attempt to steal Electronic Filing…
Responsive Menu WordPress Plugin Patches File Upload, Remote Code Execution Flaws
Read the original article: Responsive Menu WordPress Plugin Patches File Upload, Remote Code Execution Flaws In December 2020, researchers for WordFence disclosed three security vulnerabilities to the authors of the Responsive Menu WordPress plugin. After nearly a month and an…
Brazil’s National Data Protection Authority Investigates Two Large Data Leaks
Read the original article: Brazil’s National Data Protection Authority Investigates Two Large Data Leaks Brazil’s National Data Protection Authority (ANPD) reports that it is “taking all the appropriate measures” to investigate the exposure of over 200 million citizens’ personal information,…
Avaddon Patches Flaw Allowing Free Decryption
Read the original article: Avaddon Patches Flaw Allowing Free Decryption After a free decryptor for Avaddon ransomware was published by a Ph.D. student at Rey Juan Carlos University, the malware developers have announced they have found the flaw in the…
Increase in Number of Web Shell Attacks
Read the original article: Increase in Number of Web Shell Attacks According to research published by Microsoft’s Detection and Response Team, the number of attacks that planted web shells is up to an average of 140,000 incidents per month between…
PayPal Patches XSS Vulnerability Nearly One Year After Discovery
Read the original article: PayPal Patches XSS Vulnerability Nearly One Year After Discovery PayPal has announced that they’ve patched a bug that was previously reported to them on February 19th, 2020 by “Cr33pb0y.” Discussions were held confidentially between the bug…
FBI Warns of Valentine’s Day Romance Scammers
Read the original article: FBI Warns of Valentine’s Day Romance Scammers The FBI issued a warning as they predict a spike in romance scams due to the upcoming Valentine’s Day this weekend. The FBI’s internet crime complaint center (IC3) reported…
FBI Warns of TeamViewer and Windows 7 Usage
Read the original article: FBI Warns of TeamViewer and Windows 7 Usage Following the Oldsmar, Florida attack where an attacker gained remote access to a water treatment plant computer and modified one of the chemical additives to dangerous levels, the…
KeepChange Bitcoin Exchange Breached
Read the original article: KeepChange Bitcoin Exchange Breached A cryptocurrency exchange that was created last year, KeepChange, stated in a blog post they identified unauthorized activity on their platform. The company said that attackers attempted to withdraw various amounts of…
macOS Sudo Vulnerability Update
Read the original article: macOS Sudo Vulnerability Update As an update to a previous story, Apple has released updates to patch the vulnerability found in Sudo, disclosed by Qualys on January 15th, 2021. It was quickly discovered that this vulnerability…
Patch Tuesday Addresses 56 Security Issues
Read the original article: Patch Tuesday Addresses 56 Security Issues On Tuesday February 9th, Microsoft released another round of security updates. These patches address vulnerabilities across multiple products, with 11 rating as critical and one zero day that was being…
Matryosh Botnet Spreading Through Android Devices
Read the original article: Matryosh Botnet Spreading Through Android Devices Security researchers at the China-based Netlab 360 security firm have discovered a new botnet re-using the Mirai botnet framework. Dubbed Matryosh, the botnet has its own unique characteristics and spreads…
UK National Crime Agency Arrests SIM-Card Swappers
Read the original article: UK National Crime Agency Arrests SIM-Card Swappers As originally reported by ZDNet, the UK National Crime Agency has arrested eight men as part of a coordinated crackdown against a SIM swapping gang targeting US celebrities. By…
Hackers Breach Water Treatment Facility, Change Controls to Dangerous Settings
Read the original article: Hackers Breach Water Treatment Facility, Change Controls to Dangerous Settings An unknown threat actor remotely took control of a critical control system at the water treatment facility in Oldsmar, Florida on February 6th. The facility operator…
UPMC Patient Data Exposed After Breach of Local Law Firm
Read the original article: UPMC Patient Data Exposed After Breach of Local Law Firm Pittsburgh area law firm Charles J. Hilton & Associates P.C. (CJH) recently suffered a breach that exposed over 36,000 University of Pittsburgh Medical Center (UPMC) patient…
CD PROJEKT RED RANSOMWARE ATTACK
Read the original article: CD PROJEKT RED RANSOMWARE ATTACK CD PROJEKT RED, the video game developer behind Cyberpunk 2077 and the Witcher trilogy, announced that it has been a victim of a ransomware attack that affected its network. The Polish…
Ukrainian Police Arrest Author of U-Amin, World’s Largest Phishing Service
Read the original article: Ukrainian Police Arrest Author of U-Amin, World’s Largest Phishing Service The Ukrainian Cyber-police, in coordination with the FBI and Australian law enforcement, conducted an operation ending with the arrest of the author of the world’s…
Hackers Breach Water Facility
Read the original article: Hackers Breach Water Facility An unknown threat actor remotely took control of the water treatment facility in Oldsmar, Florida on February 6th. The facility operator noticed the attacker take control of the mouse on the computer…
Large Increase in RDP Attacks
Read the original article: Large Increase in RDP Attacks In their recently released Q4 2020 report, ESET reports seeing a 768% growth in the amount of Remote Desktop Protocol (RDP) attacks. As more employees than ever worked remotely, resources needed…
Highly Used Android Application Hijacked To Distribute Ads
Read the original article: Highly Used Android Application Hijacked To Distribute Ads ZDNet reported that the popular Barcode Scanner app for Android was recently updated with malicious code to display ads on Android devices. This app had over 10 million…
Threat Actor Uses Morse Code to Hide Malicious JavaScript from Email Threat Scanners
Read the original article: Threat Actor Uses Morse Code to Hide Malicious JavaScript from Email Threat Scanners On February 6th, a Reddit user on the r/sysadmin subreddit posted a link to a malicious HTML file sent in a recent phishing…
The National Cyber Investigative Joint Task Force Releases Ransomware Fact Sheet
Read the original article: The National Cyber Investigative Joint Task Force Releases Ransomware Fact Sheet The National Cyber Investigative Joint Task Force (NCIJTF) was officially established in 2008 and comprises over 30 agencies from law enforcement, the intelligence community and…
Chrome Zero-Day Exploited in the Wild
Read the original article: Chrome Zero-Day Exploited in the Wild Google is releasing a patch for a high severity zero-day vulnerability in Chrome that is being exploited in the wild by attackers. The vulnerability, tracked as CVE-2021-21148, is a heap…
Plex Media Servers Abused for DDoS Attacks
Read the original article: Plex Media Servers Abused for DDoS Attacks Plex Media Server systems are actively being abused to amplify Distributed Denial-of-Service (DDoS) attacks as part of DDoS-for-hire services available to criminals. Plex Media Server is a streaming system…
Spotify Suffers Second Credential Stuffing Attack Since November
Read the original article: Spotify Suffers Second Credential Stuffing Attack Since November Spotify was hit yet again with another credential stuffing attack; this is the second attack the music streaming giant has suffered since November. Taking advantage of reused passwords…
SonicWall Patches Actively Exploited Secure Mobile Appliance (SMA) Vulnerability
Read the original article: SonicWall Patches Actively Exploited Secure Mobile Appliance (SMA) Vulnerability On January 22nd, SonicWall disclosed that a previously undiscovered vulnerability was exploited to attack their Secure Mobile Appliances internally. Soon after that, NCC Group discovered another previously…
NCSC Shares a Cautionary Ransomware Tale
Read the original article: NCSC Shares a Cautionary Ransomware Tale In a post about the rise of ransomware, the United Kingdom’s National Cyber Security Centre (NCSC) has shared a cautionary tale about an unnamed company being hit with the same…
Stormshield Announces Breach, Theft of Source Code
Read the original article: Stormshield Announces Breach, Theft of Source Code As originally reported by ZDNet, French cyber-security firm Stormshield announced that a threat actor gained access to one of its customer support portals. Stormshield provides security services and devices…
DriveSure Client Data Exposed on RaidForums
Read the original article: DriveSure Client Data Exposed on RaidForums Researchers recently discovered a database that included client data of DriveSure clients posted on RaidForums by a frequent poster named “pompompurin”. The data was posted on December 19th and was…
Sudo Bug Impacts macOS
Read the original article: Sudo Bug Impacts macOS A security researcher discovered a security flaw in the Sudo app that impacts the latest macOS operating systems and other operating systems. Sudo allows a system administrator to give certain users (or…
ValidCC Dark Web Credit Card Marketplace Shuts Down
Read the original article: ValidCC Dark Web Credit Card Marketplace Shuts Down ValidCC, a Dark Web market for selling stolen credit cards, was operated by a cybercrime group for the last six years. Last week it unexpectedly shut down. It…
Secondary E-Skimmer Siphons Stolen Data From Original Attacker
Read the original article: Secondary E-Skimmer Siphons Stolen Data From Original Attacker Malwarebytes researchers outlined a new Magecart attack that has been affecting the retailer Costway. Magecart is an umbrella term used to describe several groups of thieves that are…
Kobalos Backdoor Steals SSH Credentials
Read the original article: Kobalos Backdoor Steals SSH Credentials Researchers at ESET have discovered a targeted backdoor for Linux and UNIX systems they are calling Kobalos. Though not widespread, the actors behind the malware are infecting targets with high-performance computers…
Agent Tesla Receives AMSI Targeting Update
Read the original article: Agent Tesla Receives AMSI Targeting Update ZDNet reports that researchers at Sophos have discovered two new variants of AgentTesla, a remote access trojan, which include new features for the malware to evade detection by tampering with…
Breach Exposes 1.6 Million Washington Unemployment Claims
Read the original article: Breach Exposes 1.6 Million Washington Unemployment Claims The Office of the Washington State Auditor (SAO) announced that one of its service providers, Accellion, had suffered a data breach in December 2020. Accellion did not notify SAO…
Top Google Search Result for Home Depot is a Malicious Ad
Read the original article: Top Google Search Result for Home Depot is a Malicious Ad Bleeping Computer has received reports recently about a malicious Home Depot ad on Google search results sending users to tech support scams. While scams are…
NightScout Supply-Chain Attack Targets Gamers
Read the original article: NightScout Supply-Chain Attack Targets Gamers Researchers at ESET discovered a supply-chain attack, dubbed NightScout, that was delivering malware using updates to the Android Gaming Emulator, NoxPlayer, made by the Hong Kong based company BigNox. At least…
Trickbot Trojan Back From the Dead in New Campaign
Read the original article: Trickbot Trojan Back From the Dead in New Campaign In October of last year, Microsoft used a court order to disrupt the prolific ransomware distributor Trickbot. The botnet survived and now threat researchers are monitoring a…
SonicWall Zero-Day Exploited in the Wild
Read the original article: SonicWall Zero-Day Exploited in the Wild The NCC Group, a UK-based cybersecurity firm, stated that over the weekend they detected active exploitation of a zero-day vulnerability in SonicWall networking devices. SonicWall is a cybersecurity provider that…
Security Researchers Likely Targeted With Multiple Attack Methods
Read the original article: Security Researchers Likely Targeted With Multiple Attack Methods In a new report, Microsoft disclosed that they have been tracking multiple DPRK tactics in their targeting of offensive security professionals. On Tuesday, when this news was first…
Volatile Cedar Compromising Telcos and Internet Service Providers
Read the original article: Volatile Cedar Compromising Telcos and Internet Service Providers Volatile Cedar is an APT group identified as far back as 2012, falling silent around 2015. A new report by ClearSky (referring to the group as Lebanese Cedar)…
Trickbot Returns With Fresh Phishing
Read the original article: Trickbot Returns With Fresh Phishing Originally reported by ZDNet, researchers at Menlo have uncovered a new Trickbot campaign targeting legal and insurance companies in North America, with emails encouraging victims to click on a link to…
Department of Justice Launches Global Action Against NetWalker Ransomware
Read the original article: Department of Justice Launches Global Action Against NetWalker Ransomware An investigation led by the FBI’s Tampa field office culminated in a NetWalker ransomware affiliate indictment, the NetWalker leak site on the Darknet being disabled, and nearly…
Apple Addresses Three iOS Zero-Day Flaws
Read the original article: Apple Addresses Three iOS Zero-Day Flaws In a new update from Apple for iOS, the operating system used for iPhone and iPad, the company addresses three zero-day flaws that have been exploited by attackers. The first…