Researchers published a new advisory regarding a current campaign by an Android malware called SMSFactory. The malware operators compromise their victim’s status by subscribing them to premium services without their consent. The malware has already compromised over 170,000 Avast clients, with victims originating most of the victims were in Russia, Ukraine, Turkey, Brazil, and Argentina....Continue Reading
Russian-based Wizard Spider gang had been investigated by security researchers, discovering some of the threat group’s internal attack infrastructure. Based on the investigations, the Wizard Spider threat group is allegedly linked with two other hacking groups, Grip Spider and Lunar Spider. The gang operates their system under a complex set of sub-groups and implements a...Continue Reading
A recent assessment revealed how small businesses globally had been victimised by increased cyberattacks in the past years, including password-stealing malware. Trojan-PSW, or Trojan Password Stealing Ware, was included in the detailed assessment, showing an uptick in its activities against small businesses for the first quarter of 2022. Researchers concluded that password stealers, specifically the...Continue Reading
Transneft, a Russian pipeline company, recently suffered a massive data leak from an unidentified hacktivist group. Transneft is one of Russia’s most prominent state-controlled oil pipeline organizations. Last week, a leak hosting site known as Distributed Denial of Secrets revealed a link to the 79 gigabytes worth of emails from the Omega Company – the...Continue Reading
The TeaBot malware has been found exploiting the Google Play Store for the second time as an attack vector to infect unaware users. Since last year, the malware has conducted several upgrades to its attack chain to expand its surface and infiltrate more targets. Researchers discovered the trojan impersonating a QR code application on Google...Continue Reading
Two Russian nationals were arrested recently after being linked to the operations of the Glupteba botnet for the past years. Furthermore, Google has also announced that they disrupted the malware’s operations to cripple it temporarily. Google removed over 63 million Google Docs files after discovering that the Glupteba gang used these files for the malware’s...Continue Reading
Cybersecurity leaders have conducted a study that shows the alarming hike of domain name system (DNS) attacks against organisations for 2021. The survey result revealed that within the past 12 months, 72% of participants had experienced a DNS cyberattack. 61% of victimised organisations have suffered from multiple attacks, while 11% are attacked regularly. In terms of cyberattack recovery, one-third of the respondents said...Continue Reading
A Thai luxury hotel chain, Centara Hotels & Resort, has recently published a statement regarding a data breach suspected of being performed by a notorious group of threat actors behind a series of cyberattacks in the past weeks. Through the security team’s investigation, it was verified that the system of the luxury hotel chain had suffered a data breach, and the threat actors were able to access some customers’...Continue Reading
A piece of new information reveals a cyber-spying campaign by Iranian hackers targeting the Middle East-based aerospace and telecom industries. The goal is to steal confidential information about assets, infrastructure, and technology while remaining unidentified and evading security systems using Dropbox reliant API. A cybersecurity company based in Boston, Massachusetts, named the attack ‘Operation Ghostshell’. They pointed out the use of...Continue Reading
For October, Google releases the Android security updates. They address a total of 41 vulnerabilities that ranges between high and critical severity. Every fifth day of each successive month, Google releases a complete breakdown of the Android OS security patch. This also contains both framework and vendor fixes. Therefore, this update also includes the remedies for the ten...Continue Reading