A researcher has advised World Cup fans and attendees to buy a backup phone or get burner phones to avoid an alleged snooping feature within a few Qatar spyware apps. The data protection agency notifies its football fans that they should protect themselves from a possible Qatar World Cup application’s snooping on their devices. Based on...Continue Reading
New research showed that ransomware groups had increased the usage of their own or stolen computer code. These groups are believed to be moving away from a leasing model type of attack that is easier to detect by threat analysts. Most of the notorious hacking groups in the previous years have orchestrated their attacks by renting...Continue Reading
Numerous social media platforms such as Facebook, Instagram, Telegram, Twitter, and YouTube were suspended after the Turkish government restricted its citizens from complying with the nationwide broadcast ban. The suspension was executed after reports of a bomb blast within one of Istanbul’s busy streets began circulating on the internet last week. The Turkish explosion is now...Continue Reading
The high-severity vulnerabilities within the ABB’s flow computers might compromise one of the world’s largest oil and gas utilities. The flaw could affect the devices that calculate oil and gas volume and flow rates. ABB is a Swedish-Swiss electrical equipment company that has been operating for more than a hundred years. The researchers explained that flow...Continue Reading
The threat ecosystem of Conti ransomware gang grows stronger each day, retaining its status as one of the most productive malware strains in the cybercriminal landscape worldwide. Based on a recent study, the Conti operators are slowly moving away from the United States and concentrating on NATO-affiliated countries, especially in Europe. Conti’s alleged shutdown is not...Continue Reading
A newly emerged advanced persistent threat (APT) group, Earth Longzhi, has targeted numerous organisations using the Cobalt Strike loader, especially in Asia and Ukraine. Researchers noted that these actors are classified as a subgroup of the APT41 nation-backed hacking group. Based on reports, Earth Longzhi deployed two malicious campaigns between May 2022 and February 2021, and...Continue Reading
Spain’s Spanish Tax Agency “Agencia Tributaria” has become a recent target of a phishing campaign after malicious actors impersonated the tax agency to victimise people. The threat actors initially send a fraudulent text message to their targets, notifying them about a tax reimbursement they allegedly have been qualified for. As instructed in the message, the victims...Continue Reading
Eighteen web domains have recently been seized in an FBI and US Postal Inspection Service joint operation, which malicious operators used for recruiting money mules. Reports revealed that the malicious web domains were used to post fake ‘quality control inspector’ job offers, where victims are tasked to ship items from their homes or purchase items using...Continue Reading
The ethnic and religious minority groups in China, including the Uyghurs from Xinjiang, have reportedly been targeted by a threat group deploying an Android spyware tool dubbed ‘BadBazaar.’ The discovery of this campaign has led to experts associating it with a 2020 cyberattack campaign against Uyghurs, performed by the APT15 or the Pitty Tiger. Since 2018,...Continue Reading
The Outlook and Thunderbird email clients are under fire as a new infostealing malware called StrelaStealer is looking to steal user credentials. The behaviour of this newly discovered infostealer is similar to other malware strains, which attempt to steal data from various sources, such as crypto wallet apps, cloud gaming platforms, clipboards, and browsers. Email...Continue Reading
In a recent campaign, researchers discovered a group of threat actors that exploited the Microsoft Dynamics 365 Customer Voice’s survey feature to steal customer information. Companies that commonly use customer satisfaction surveys to review their feedback and collect data to develop work-related solutions are the most affected by this campaign. Based on reports, the threat actors...Continue Reading
The cryptocurrency mixer service, dubbed Tornado Cash, faces reissued sanctions from the US Treasury Department after allegedly aiding the North Korean-backed threat group launder nearly $500 million last March. According to the State Department, the cryptocurrency mixer had given material support to the Lazarus Group to launder the stolen money. This malicious threat group is notorious...Continue Reading
A malicious threat group has used a malicious APK package to target Indian defence personnel with Android devices. The package contains a decoy copy of a promotion letter to lure the targeted employees. Once the victim is baited by the compromised APK and installs it, the app will appear as an Adobe Reader app icon on...Continue Reading
New warnings have been released concerning the threat of Amadey malware being used to deploy the LockBit 3.0 ransomware on compromised machines. In a recent report, analysts stated that the Amadey malware operators distribute it through a malicious Word file and an executable disguising it as a Word file icon. Researchers have initially spotted the Amadey...Continue Reading
A study on Amazon Relational Database Services (Amazon RDS) shows that hundreds of its databases expose users’ personally identifiable information (PII), which could potentially provide threat actors with a resource for data compromise. Amazon Relational Database Services, or Amazon RDS, is a cloud-based web service that helps users set up relational databases in the AWS cloud....Continue Reading
A Nigerian fraudster known as ‘Hushpuppi’ on Instagram had been convicted to 11 years imprisonment after he plotted to launder millions of dollars collected from cybercrimes, including business email compromise (BEC) scams. With his real name Ramon Olorunwa Abbas, Hushpuppi must pay $1,732,841 to two confirmed victims, both large organisations from the US and Qatar. The...Continue Reading
Since Elon Musk’s acquisition of Twitter, the social media giant announced charging users $8 monthly for account verification and $4.99 monthly for the Twitter Blue subscription. However, research shows that these new subscription systems have attracted phishing operators to target verified Twitter users. For those that have paid for the blue badges on their Twitter accounts,...Continue Reading
Researchers discovered a new open-source tool called S3crets Scanner that could enable researchers to scan for confidential data that are accidentally stored by users in the Amazon AWS S3 storage buckets. Companies utilise the Amazon Simple Store Service (Amazon S3) to store information, services, and software in buckets. Unfortunately, most companies that use the platform fail...Continue Reading
A malicious scam campaign that uses several baits on social media platforms is the source of a Chinese cybercriminal group gathering workers for its Cambodian cybercrime mills. According to an investigation, the target of the threat actors is the vulnerable people that seek employment. The attackers post high-paying job lures on Facebook, attracting potential targets. However,...Continue Reading
The new ‘Somnia’ ransomware infects numerous Ukrainian organisations that the threat operators used for encrypting systems, subsequently leading to operational disruptions. Ukraine’s CERT-UA has announced the incident, stating that the attacks are attributed to a threat group dubbed ‘From Russia with Love’ (FRwL) or the ‘Z-Team’. The agency also tracked the threat group as UAC-0118. According...Continue Reading
