Australia Page 1

Optus Data Breach Exposed Data 9M Hacked Vulnerability Telecommunication Telco Australia

The Optus breach exposed the data of over 9M users to hackers

Recent reports revealed that the Australia-based telecommunications firm Optus had been hit with a data breach attack, compromising the personal data of millions of Australian citizens. This issue came to light after the telco released a public statement, disclosing that approximately nine million Australians’ data might be exposed to hackers. The telco’s statement also mentioned...
Continue Reading
Chinese Cyberespionage Threat Gang Australia Reconnaissance Malware Red Landon Phishing Fake Website

Chinese cyber espionage gang targets Australia

A Chinese cyber espionage gang have targeted Australian entities with reconnaissance malware to harvest details that they could use to execute more targeted attacks on different sectors. The campaign targeted the Asia-Pacific region’s energy, manufacturing, and government personnel to deploy phishing emails directing its victims to a fake news outlet. According to researchers, the attackers...
Continue Reading
Phishing Cyberattack Adversary-in-the-Middle AitM Threat Advisory Cybersecurity BEC

A phishing attack called Adversary-in-the-Middle (AitM) discovered

Researchers from Microsoft disclosed the details of an extensive phishing operation that exclusively steals the passwords of its targets, which can also bypass MFA authentication. The new phishing strategy is called Adversary-in-the-Middle (AitM). Subsequently, the threat actors use previously stolen credentials from past attacks to operate a BEC campaign against new targets. Based on reports,...
Continue Reading
PrestaShop Ecommerce Platform Zero Day Vulnerability Exploit SQL Injection RCE

PrestaShop e-commerce platform found with a zero-day vulnerability

Threat actors abused a zero-day vulnerability to perform remote code execution against online shops that use the PrestaShop platform, aiming to steal people’s payment information. After learning about the incident, the e-commerce platform’s team immediately warned about 300,000 online shops that use their service. With the zero-day flaw tracked as CVE-2022-36408, it first targets a...
Continue Reading
Hackers Compromised Device Elastix VoIP Systems Web Shells RCE PHP Backdoor

Hackers compromised the Elastix VoIP Systems to deliver web shells

A malicious threat campaign conducted by an identified group of hackers has been targeting the Elastix VoIP telephony servers and systems to deploy multiple PHP web shells. Unfortunately, there are already more than half a million malware samples that the researchers uncovered in just three months. Based on reports, cybersecurity experts claim that the threat...
Continue Reading
Google Play Store Various Malware Infested Apps Mobile Application Trojan Infostealer

Google’s Play Store still swamped with various malware-infested apps

Despite Google’s efforts to employ advanced security measures to stop malicious applications from being uploaded to the Google Play Store, many threat actors are still finding ways to sneak their apps onto the platform to victimise the app store’s users. Nonetheless, the tech giant is still actively taking steps to find these malware-infested applications, specifically...
Continue Reading
Netwrix Auditor Flaw Vulnerability Software Abuse Hackers RCE Remote Code Execution

A newly detected Netwrix Auditor flaw allows hackers to launch RCE

Researchers have revealed new details regarding a newly discovered security flaw in the Netwrix Auditor application, which allows threat actors to compromise the Active Directory Domain. If an attacker successfully exploits the Netwrix vulnerabilities, it could result in arbitrary code execution on the impacted device. Based on a report, the service in the Netwrix Auditor...
Continue Reading
Phishing Kits Hacked WordPress Website Protection CMS Identity Theft

Phishing kits uploaded to hacked WordPress sites for identity theft

Threat actors abuse hacked WordPress sites in a newly discovered campaign, wherein they added PayPal phishing kits into the compromised sites to steal massive databases of personal data from victims, such as their government ID documents and photos. Since the phishing actors host their campaign on legitimate WordPress sites, they could bypass some security detection...
Continue Reading
0mega Ransomware Threat Group Double Extortion Fraud Tactics Data Leak

0mega ransomware group executes double extortion tactics

A newly discovered threat group called 0mega ransomware has been spotted by researchers targeting organisations worldwide. The operators of this new malicious entity are deploying double extortion strategies that demand millions of dollars as ransom. According to the researchers, the 0mega ransomware operation started last May and claimed it had already infected several victims before...
Continue Reading
Cybersecurity IT Firms Impersonation Fraud Prevention Callback Phishing Cyberattack Campaign Tech Support

Cybersecurity firms impersonated for a callback phishing campaign

Earlier this month, the CrowdStrike Intelligence company spotted a callback phishing attack that impersonated numerous cybersecurity firms, including them. The threat actors used a social engineering attack tactic to deceive their targets. The callback phishing campaign allegedly impersonated the targeted company and disseminated several warning emails to different clients. The phishing email contained a message...
Continue Reading
1 2 3 24