Cryptocurrency trading in India remains a popular avenue for traders in the country to invest. However, researchers found that this prevalence comes with a price, as many traders still fall victim to cryptocurrency scams. Dubbed ‘CoinEgg,’ this new crypto scam has swindled over ₹1,000 crores from investors in the country, which involved threat actors using...Continue Reading
An Indian-based online documents verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...Continue Reading
A Sydney-based trading company, ACY Securities, has accidentally exposed their users and businesses’ financial and personal data online for public usage. However, the company did not mind the issue and stated that the exposed dataset was a minor problem. The current database exposure owned by the ACY Securities is due to a misconfigured database. The...Continue Reading
Telecom service providers from Central Asia are the newest targets of a China-based cyberespionage group dubbed Moshen Dragon after cybersecurity experts detected new waves of malicious activities from them. Security researchers found some common grounds between Moshen Dragon and other threat groups like Nomad Panda and RedFoxtrot since they have all utilised similar malware variants...Continue Reading
A North Korean state-sponsored threat group called APT37 has been discovered targeting journalists specialising in the Korean republic using the GoldBackdoor malware. Reports stated that the threat actors distribute the malware through several phishing campaigns. A researcher discovered the attack and immediately contacted a malware expert for assistance and analysis last month. The malware expert...Continue Reading
An advanced persistent threat (APT) group known as Cicada or APT10 has widened its targets, which first started by attacking only Japanese enterprises, to now a wide range of new countries so that they could conduct more widespread espionage attacks. The Chinese-speaking Cicada APT group is also known for its other titles, such as Stone...Continue Reading
A Chinese espionage threat group called Storm Cloud uses custom-made malware to target macOS users based in Asia. Researchers identified the malware used by the threat actors as GIMMICK, which is a previously unknown macOS malware strain. The GIMMICK malware was found during an analysis of a cyberespionage attack in the latter parts of last...Continue Reading
Researchers discovered a malicious threat campaign targeting unpatched Microsoft SQL servers on the web. The threat actors distribute Cobalt Strike Beacons on their potential hosts that still use unpatched SQL servers, and eye incompetently managed public-facing Microsoft SQL servers to be utilised for further widespread infection across cyberspace. Moreover, the intrusions involve scanning port 1433...Continue Reading
The ALPHV, better known as the BlackCat ransomware, was first identified by researchers in the early weeks of November last year and immediately proved to everyone that they are indeed sophisticated. The BlackCat is the first that used Rust-based malware since most ransomware gangs do not even contemplate using the same malware. As of now,...Continue Reading
Recently, researchers stumbled upon a peculiar hybrid cyberattack campaign conducted by the threat group OiVaVoii that targeted several c-level executives and had abused several malicious OAuth apps. The threat group targets executives and general managers with custom phishing messages sent from hacked Microsoft Office 365 accounts and malicious OAuth apps. Even though Microsoft has blocked...Continue Reading
