Day

April 21, 2022
Hackers QR Codes Data Theft Qshing Cyberattacks Phishing

Hackers exploit QR codes to steal from victims via Qshing attacks

As convenient as the QR codes for its users worldwide, the tool is also currently being exploited for cybercrimes. Many threat actors abuse QR codes to deploy Qshing attacks or QR code phishing to steal sensitive info and money from victims or spread malware by tampering with it. The QR code technology was initially intended for quickly...
Continue Reading
Botnets DDoS Cyberattacks Enemybot Fodcha Vulnerability Exploit IoT Devices

Two new botnets joined the fray in conducting DDoS attacks

The Enemybot and the Fodcha botnets have been trying to compromise numerous targets globally by abusing multiple flaws in routers, modems, and Internet of Things (IoT) devices. These two newly discovered botnets can perform distributed denial-of-service attacks on any location. Enemybot and Fodcha are the newest addition to the long lists of botnets that will...
Continue Reading
Hackers Industrial Spy Dark Web Marketplace Stolen Data Breach

Hackers introduced the Industrial Spy as a new marketplace for stolen data

A cybercriminal group developed and endorsed a new marketplace for stolen data called Industrial Spy. Reports said that the recent market offers stolen information and credentials from hacked companies to buyers and offers the goods to its members without a fee. The threat actors developed the new marketplace so businesses could buy their competitor’s data...
Continue Reading
MS Microsoft Windows Task Scheduler Tarrask Malware Trojan

MS Windows Task Scheduler becomes a hideout of the Tarrask malware

Microsoft’s security response team has recently detected a Hafnium malware that establishes persistence on infected Windows systems by emerging and hiding inside the Task Scheduler tool. The researchers named the malware Tarrask, utilised by the Chinese-sponsored threat group known as Hafnium. According to the findings, the malicious activity was attributed to the Hafnium operators, a...
Continue Reading
Phishing Attack Operation Kitty South Korea

A phishing attack comparable to Operation Kitty targets South Koreans

Researchers identified a new email phishing campaign connected to the threat actors called DPRK-nexus, which the campaign overlaps with the method currently used by Operation Kitty. The recent attacks also use malware-laden documents with several baits to lure victims and compromise their devices. The phishing campaign was first identified by the researchers this month. The...
Continue Reading
Meta Facebook User Accounts Espionage Cyberattack Campaign Ukraine

Meta disrupts accounts operating espionage campaigns against Ukraine

Meta reveals disrupting the malicious operations of numerous Russian and Belarusian threat actors that targeted Ukraine via espionage campaigns in the past two months. The campaign is reported to have originated from government-linked groups in Russia and Belarus that actively launches cyber espionage operations against many sectors in Ukraine. According to Meta, they have eliminated...
Continue Reading
GitHub Hackers Infiltration Stolen OAuth Tokens NPM Travis CI Heroku Data Breach

GitHub revealed that hackers infiltrated firms through stolen OAuth tokens

According to GitHub, malicious threat actors utilised stolen OAuth user tokens published to Travis-CI and Heroku to download data from repositories. Since being first spotted last week, the hackers could have already breached and stolen numerous data from targeted organisations that use Travis-CI and Heroku-maintained OAuth apps. A security officer at GitHub said that their...
Continue Reading