Transneft, a Russian pipeline company, recently suffered a massive data leak from an unidentified hacktivist group. Transneft is one of Russia’s most prominent state-controlled oil pipeline organizations. Last week, a leak hosting site known as Distributed Denial of Secrets revealed a link to the 79 gigabytes worth of emails from the Omega Company – the...Continue Reading
The TeaBot malware has been found exploiting the Google Play Store for the second time as an attack vector to infect unaware users. Since last year, the malware has conducted several upgrades to its attack chain to expand its surface and infiltrate more targets. Researchers discovered the trojan impersonating a QR code application on Google...Continue Reading
Two Russian nationals were arrested recently after being linked to the operations of the Glupteba botnet for the past years. Furthermore, Google has also announced that they disrupted the malware’s operations to cripple it temporarily. Google removed over 63 million Google Docs files after discovering that the Glupteba gang used these files for the malware’s...Continue Reading
Cybersecurity leaders have conducted a study that shows the alarming hike of domain name system (DNS) attacks against organisations for 2021. The survey result revealed that within the past 12 months, 72% of participants had experienced a DNS cyberattack. 61% of victimised organisations have suffered from multiple attacks, while 11% are attacked regularly. In terms of cyberattack recovery, one-third of the respondents said...Continue Reading
A Thai luxury hotel chain, Centara Hotels & Resort, has recently published a statement regarding a data breach suspected of being performed by a notorious group of threat actors behind a series of cyberattacks in the past weeks. Through the security team’s investigation, it was verified that the system of the luxury hotel chain had suffered a data breach, and the threat actors were able to access some customers’...Continue Reading
A piece of new information reveals a cyber-spying campaign by Iranian hackers targeting the Middle East-based aerospace and telecom industries. The goal is to steal confidential information about assets, infrastructure, and technology while remaining unidentified and evading security systems using Dropbox reliant API. A cybersecurity company based in Boston, Massachusetts, named the attack ‘Operation Ghostshell’. They pointed out the use of...Continue Reading
For October, Google releases the Android security updates. They address a total of 41 vulnerabilities that ranges between high and critical severity. Every fifth day of each successive month, Google releases a complete breakdown of the Android OS security patch. This also contains both framework and vendor fixes. Therefore, this update also includes the remedies for the ten...Continue Reading
Security experts have found a new Python ransomware campaign wherein corporate systems are encrypted within three hours. According to researchers, this attack is performed by threat actors who specifically target the ESXi platform so that they can encrypt the victim’s virtual machines. This new ransomware written in Python has been deployed in only ten minutes by the threat actors who have managed...Continue Reading
A technique was discovered last Thursday by academic institutions from the UK which tackles a bypass bug issue relating to mobile security of Visa and Apple payment processes that can result in fake contactless payments. The said mobile security issue is reported to be capable of bypassing the lock screen of Apple’s iPhone to intrude the device’s payment services and commit fraudulent transactions. ...Continue Reading
A new malware trick is reported to infect Android users by posing as a security update that users would need to download to protect their devices. However, this fake security update is the malware itself, which seems to be an effective way to scam people into downloading it unknowingly. FluBot malware can steal passwords, financial details, and more...Continue Reading
