Day

January 18, 2022
Google Tag Manager GTM Containers Exploited Web Skimmers Magecart Malicious Script Ecommerce

Google Tag Manager containers got exploited by web skimmers

Web skimmers have exploited the functionality of the Google Tag Manager service to elusively attach and distribute malicious JavaScript code to about 300 e-commerce stores. The malicious code called “Magecart script” was utilised by the web skimmers to gather the payment card details of online shoppers and data that was later offered for auction on...
Continue Reading
Tardigrade Malware Cyberattack Biomanufacturing Industrial SmokeLoader Data Breach

New Tardigrade malware utilised to attack biomanufacturing facilities

An unknown threat group is currently targeting facilities of numerous bio-manufacturers with a new Tardigrade malware that is utilised to be distributed to compromised networks and exfiltrate data for long periods without being detected. According to recent reports, the malicious threat group has been targeting all sectors under healthcare since the start of 2020. The...
Continue Reading
Brazil Ministry Of Health Cyberattack Lapsus$ Group Ransomware Data Exfiltration

Brazil’s health ministry got attacked twice by the Lapsus$ Group

Within only less than a week, the Ministry of Health in Brazil has been hit with a cyberattack for the second time. The recent attack has compromised the internal systems of the health ministry, including their repository of COVID-19 vaccine information. The first incident against Brazil’s Ministry of Health was reported three days earlier, with...
Continue Reading
Phishing Cyberattack Campaigns Phishing Kits Email Phishing Online Fraud

Phishing campaigns now easier to conduct with the help of phishing kits

There are countless known ways for malicious actors to conduct a cyberattack these days, but phishing is the best operation for financially motivated attacks and quick cash grabs. However, due to the ever-growing world of hacking, every malicious individual can now conduct a phishing campaign with ease using ready-to-use phishing kits.   As of now,...
Continue Reading
Tunnel Service localhost.run Exploited Cybercriminals Phishing Cyberattacks Web App

Tunnel service localhost.run gets exploited by criminals for phishing attacks

Threat actors have found a new way to conduct phishing attacks by exploiting free tunnel service applications available on the web, which include localhost.run, to host their phishing content. Security researchers from iZOOlogic have detected the suspicious activity regarding the tunnel service exploitation and investigated the issue further. Localhost.run is a free tunnel service that...
Continue Reading