Australia Page 1

The WeLeak Database group continues to leak stolen databases

Threat groups leaking stolen databases have been widespread across the dark web landscape. One of them is the WeLeak Database group, which researchers from iZOOlogic have observed to remain active, specifically on its Telegram channel with over 12,000 subscribers. The WeLeak Database group has set up its Telegram channel to provide massive database dumps for the public and...

A Citrix ADM flaw that lets hackers reset admin data gets patched

A critical vulnerability tracked as CVE-2022-27511 that affected the Citrix Application Delivery Management (ADM) technology has now been patched. The flaw allows threat actors to reset administrators’ passwords remotely. Citrix’s Application Delivery and Management (ADM) solution is a web-based technology that lets its users easily manage all Citrix-related cloud or on-premise deployments, including ADC MPX,...

Researchers found a loophole to infiltrate Microsoft’s cloud applications

Microsoft’s SharePoint and OneDrive have been identified with a flaw that allows ransomware actors to encrypt files stored in the cloud applications, which users would not be able to recover without backups or obtaining decryptors from the hackers. In this attack, the threat operators could leverage the two applications’ “versioning” feature that enables users...

PureCrypter adds new modules for better cyberattacks

A notorious multi-functional loader called PureCrypter has been updated by its developers for better usage in cyber-attacks. Research stated that this crypter has been sold in the underground market since March last year. PureCrypter’s operators have updated their loader and added new features to run several malicious activities despite being a vector for distributing remote...

A Zimbra email flaw gets abused by hackers to steal corporate data

Zimbra, an email software suite, has been found to have a new critical flaw that threat actors can exploit to steal users’ cleartext passwords without requiring interaction with them. According to researchers, the hackers could also escalate their access to an organisation’s networks, allowing them to steal corporate information. The vulnerability is tracked as CVE-2022-27924 with a...

A surge in BEC attacks using language as a vector was detected

Analysts released an email security advisory that shows how language-based business email compromise (BEC) attacks have become a growing trend for cybercriminals. The research discovered that nearly 75% of recent campaigns use language as the primary attack vector. The most utilised BEC campaigns are weaponised payloads, common business...

Australian security trading firm, ACY Securities, had exposed users’ data

A Sydney-based trading company, ACY Securities, has accidentally exposed its users’ and businesses’ financial and personal data online for public usage. However, the company did not mind the issue and stated that the exposed dataset was a minor problem. The current database exposure at ACY Securities is due to a misconfigured database. The...

Reverse tunnels and URL shorteners leveraged for phishing campaigns

A surge in the use of reverse tunnels and URL shorteners has recently been detected in wide-scale phishing campaigns, allowing threat actors to be stealthier in their attacks. Experts say that the recently detected malicious activity is an unusual method attackers use to keep their phishing sites from being taken down. The reverse tunnel services aid...

Atlassian Confluence spotted with a critical zero-day flaw

A new zero-day flaw found in Atlassian Confluence has been detected as actively exploited by threat actors to inject malicious web shells. The flaw, tracked as CVE-2022-26134, has no available patch for now. The software company has also released an advisory regarding the zero-day flaw, where they revealed it to be a critical...

The EnemyBot expands its attack scope by exploiting new flaws

The EnemyBot botnet has added new critical vulnerabilities to its campaigns to expand its attack coverage. Researchers noted that the botnet operators had exploited weaknesses in different systems such as web servers, Android devices, and IoT devices. In addition, flawed content management systems are also eyed by this botnet. Based on reports, the recently discovered latest...