Football Fans Burner Phones Avoid Spyware Mobile Apps Malware

Football fans should bring burner phones to avoid spyware apps

A researcher has advised World Cup fans and attendees to buy a backup phone or get burner phones to avoid an alleged snooping feature within a few Qatar spyware apps. The data protection agency notifies its football fans that they should protect themselves from a possible Qatar World Cup application’s snooping on their devices. Based on...
Continue Reading
Ransomware Hacker Groups Unique Source Codes Cyberattacks

Ransomware groups used unique source codes in their attacks

New research showed that ransomware groups had increased the usage of their own or stolen computer code. These groups are believed to be moving away from a leasing model type of attack that is easier to detect by threat analysts. Most of the notorious hacking groups in the previous years have orchestrated their attacks by renting...
Continue Reading
Social Media Platforms Temporarily Banned Turkey Blast

Social media platforms temporarily banned after Turkey blast

Numerous social media platforms such as Facebook, Instagram, Telegram, Twitter, and YouTube were suspended after the Turkish government restricted its citizens from complying with the nationwide broadcast ban. The suspension was executed after reports of a bomb blast within one of Istanbul’s busy streets began circulating on the internet last week. The Turkish explosion is now...
Continue Reading
ABB Flow Computers High Severity Vulnerabilities Oil and Gas

ABB’s flow computers contain high-severity vulnerabilities

The high-severity vulnerabilities within the ABB’s flow computers might compromise one of the world’s largest oil and gas utilities. The flaw could affect the devices that calculate oil and gas volume and flow rates. ABB is a Swedish-Swiss electrical equipment company that has been operating for more than a hundred years. The researchers explained that flow...
Continue Reading
Conti Ransomware Gang Affiliates Dark Web

Conti ransomware gang allegedly exists within its affiliates

The threat ecosystem of Conti ransomware gang grows stronger each day, retaining its status as one of the most productive malware strains in the cybercriminal landscape worldwide. Based on a recent study, the Conti operators are slowly moving away from the United States and concentrating on NATO-affiliated countries, especially in Europe. Conti’s alleged shutdown is not...
Continue Reading
Asia Ukraine Earth Longzhi APT Hacker Group

Asian countries targeted by the Earth Longzhi APT group

A newly emerged advanced persistent threat (APT) group, Earth Longzhi, has targeted numerous organisations using the Cobalt Strike loader, especially in Asia and Ukraine. Researchers noted that these actors are classified as a subgroup of the APT41 nation-backed hacking group. Based on reports, Earth Longzhi deployed two malicious campaigns between May 2022 and February 2021, and...
Continue Reading
Tax Agency Spain Impersonation Phishing Campaign

A tax agency in Spain impersonated in a new phishing campaign

Spain’s Spanish Tax Agency “Agencia Tributaria” has become a recent target of a phishing campaign after malicious actors impersonated the tax agency to victimise people. The threat actors initially send a fraudulent text message to their targets, notifying them about a tax reimbursement they allegedly have been qualified for. As instructed in the message, the victims...
Continue Reading
Malicious Web Domains Recruit Money Mules Laundering Seized Fraud Prevention

Malicious web domains that recruit money mules get seized

Eighteen web domains have recently been seized in an FBI and US Postal Inspection Service joint operation, which malicious operators used for recruiting money mules. Reports revealed that the malicious web domains were used to post fake ‘quality control inspector’ job offers, where victims are tasked to ship items from their homes or purchase items using...
Continue Reading
Chinese Ethnic Groups Uyghurs BadBazaar Spyware Malware

Chinese ethnic groups targeted by the new BadBazaar spyware

The ethnic and religious minority groups in China, including the Uyghurs from Xinjiang, have reportedly been targeted by a threat group deploying an Android spyware tool dubbed ‘BadBazaar.’ The discovery of this campaign has led to experts associating it with a 2020 cyberattack campaign against Uyghurs, performed by the APT15 or the Pitty Tiger. Since 2018,...
Continue Reading
StrelaStealer Infostealer Outlook Thunderbird User Account Email Credentials

StrelaStealer steals Outlook and Thunderbird account credentials

The Outlook and Thunderbird email clients are under fire as a new infostealing malware called StrelaStealer is looking to steal user credentials. The behaviour of this newly discovered infostealer is similar to other malware strains, which attempt to steal data from various sources, such as crypto wallet apps, cloud gaming platforms, clipboards, and browsers.   Email...
Continue Reading
Hackers Brand Abuse Microsoft Dynamics 365 Steal Customer Data

Hackers use Microsoft Dynamics 365 to steal customer data

In a recent campaign, researchers discovered a group of threat actors that exploited the Microsoft Dynamics 365 Customer Voice’s survey feature to steal customer information. Companies that commonly use customer satisfaction surveys to review their feedback and collect data to develop work-related solutions are the most affected by this campaign. Based on reports, the threat actors...
Continue Reading
Tornado Cash Sanction US Lazarus Threat Group Money Laundering Cryptocurrency North Korea

Tornado Cash faces another sanction from the US government

The cryptocurrency mixer service, dubbed Tornado Cash, faces reissued sanctions from the US Treasury Department after allegedly aiding the North Korean-backed threat group launder nearly $500 million last March. According to the State Department, the cryptocurrency mixer had given material support to the Lazarus Group to launder the stolen money. This malicious threat group is notorious...
Continue Reading
Hackers Malicious APK Package Indian Defence Staff

Hackers use a malicious APK package to lure Indian defence staff

A malicious threat group has used a malicious APK package to target Indian defence personnel with Android devices. The package contains a decoy copy of a promotion letter to lure the targeted employees. Once the victim is baited by the compromised APK and installs it, the app will appear as an Adobe Reader app icon on...
Continue Reading
Amadey Malware LockBit 3.0 Deployment Propagation Ransomware

The Amadey malware is being used for LockBit 3.0 deployment

New warnings have been released concerning the threat of Amadey malware being used to deploy the LockBit 3.0 ransomware on compromised machines. In a recent report, analysts stated that the Amadey malware operators distribute it through a malicious Word file and an executable disguising it as a Word file icon. Researchers have initially spotted the Amadey...
Continue Reading
Exposed Data Amazon RDS Cloud Service SaaS Compromised Data Snapshots AWS PII

Exposed data in Amazon RDS could lead to potential compromise

A study on Amazon Relational Database Services (Amazon RDS) shows that hundreds of its databases expose users’ personally identifiable information (PII), which could potentially provide threat actors with a resource for data compromise. Amazon Relational Database Services, or Amazon RDS, is a cloud-based web service that helps users set up relational databases in the AWS cloud....
Continue Reading
Nigerian Fraudster Hushpuppi Imprisonment Online Scammer BEC Business Email Compromise

A Nigerian fraudster ‘Hushpuppi’ receives 11 years of imprisonment

A Nigerian fraudster known as ‘Hushpuppi’ on Instagram had been convicted to 11 years imprisonment after he plotted to launder millions of dollars collected from cybercrimes, including business email compromise (BEC) scams. With his real name Ramon Olorunwa Abbas, Hushpuppi must pay $1,732,841 to two confirmed victims, both large organisations from the US and Qatar. The...
Continue Reading
Twitter Phishing Campaigns Cyberattack Verified Accounts

New Twitter phishing campaigns found targeting verified users

Since Elon Musk’s acquisition of Twitter, the social media giant announced charging users $8 monthly for account verification and $4.99 monthly for the Twitter Blue subscription. However, research shows that these new subscription systems have attracted phishing operators to target verified Twitter users. For those that have paid for the blue badges on their Twitter accounts,...
Continue Reading
S3crets Scanner Hack Tool Scan Compromised Data AWS S3 Buckets

S3crets Scanner tool could scan data from AWS S3 Buckets

Researchers discovered a new open-source tool called S3crets Scanner that could enable researchers to scan for confidential data that are accidentally stored by users in the Amazon AWS S3 storage buckets. Companies utilise the Amazon Simple Store Service (Amazon S3) to store information, services, and software in buckets. Unfortunately, most companies that use the platform fail...
Continue Reading
Cambodia Cybercrime Mills Enslaved People Chinese Threat Group Fraudsters

Cambodian cybercrime mills host thousands of enslaved people

A malicious scam campaign that uses several baits on social media platforms is the source of a Chinese cybercriminal group gathering workers for its Cambodian cybercrime mills. According to an investigation, the target of the threat actors is the vulnerable people that seek employment. The attackers post high-paying job lures on Facebook, attracting potential targets. However,...
Continue Reading
Somnia Ransomware Russian Hacktivists

The new Somnia ransomware attributed to Russian hacktivists

The new ‘Somnia’ ransomware infects numerous Ukrainian organisations that the threat operators used for encrypting systems, subsequently leading to operational disruptions. Ukraine’s CERT-UA has announced the incident, stating that the attacks are attributed to a threat group dubbed ‘From Russia with Love’ (FRwL) or the ‘Z-Team’. The agency also tracked the threat group as UAC-0118. According...
Continue Reading
1 2 3 66