A Russian state-sponsored threat group called APT29 exploits cloud services, such as DropBox and Google Drive, in their cybercriminal activities to bypass security detections. Based on reports, the adversary abuses the users’ compliance with well-known cloud storage to make their attacks elusive and efficient. The advanced persistent threat (APT) group has employed this new strategy...Continue Reading
A Sydney-based trading company, ACY Securities, has accidentally exposed their users and businesses’ financial and personal data online for public usage. However, the company did not mind the issue and stated that the exposed dataset was a minor problem. The current database exposure owned by the ACY Securities is due to a misconfigured database. The...Continue Reading
Researchers published a new advisory regarding a current campaign by an Android malware called SMSFactory. The malware operators compromise their victim’s status by subscribing them to premium services without their consent. The malware has already compromised over 170,000 Avast clients, with victims originating most of the victims were in Russia, Ukraine, Turkey, Brazil, and Argentina....Continue Reading
A malicious threat group claimed that it had infiltrated the systems of a well-known factory in Mexico called Foxconn. The cybercriminal group, which seems to be a ransomware group, threatens to leak its stolen data if the company does not pay its asked ransom. The Foxconn company is located inside the city of Tijuana, which...Continue Reading
A recent assessment revealed how small businesses globally had been victimised by increased cyberattacks in the past years, including password-stealing malware. Trojan-PSW, or Trojan Password Stealing Ware, was included in the detailed assessment, showing an uptick in its activities against small businesses for the first quarter of 2022. Researchers concluded that password stealers, specifically the...Continue Reading
Multiple government entities in Costa Rica were hit by cyberattacks done by the Conti ransomware group, ensuing in the assertion of a national emergency. Cybersecurity experts have also found about 672GB worth of government agencies’ data owned by Costa Rica dumped on the threat group’s dark web leak site. On May 8th, Costa Rica’s newly...Continue Reading
Cybersecurity researchers have published a new advisory regarding the notorious BlackByte ransomware group. The advisory includes information and assessment regarding the newly discovered BlackByte samples from the group’s recent attacks. Based on reports, the analysts responsible for examining the group’s behaviour discovered several variants of BlackByte ransomware circulating in the wild. The variants are coded...Continue Reading
The finance state secretary of Rio de Janeiro confirmed that they dealt with the LockBit ransomware attack last week. Reports said that the ransomware group claimed to have targeted the systems connected to the Brazilian government, resulting in the loss of 420GB worth of data. The group intends to leak the stolen data in the...Continue Reading
Another data breach incident performed by the Lapsus$ threat group was discovered by the researchers recently, wherein sensitive administrator data and source code of an IT and software company Globant get leaked by the threat actors. About 70GB of Globant’s data was reportedly included in the leak made by Lapsus$, claiming that the released archive...Continue Reading
An SEO poisoning campaign from 2020 is actively attacking popular e-commerce stores. The online store attack exclusively depends on “search engine optimization” strategies to target users worldwide. The campaign has been active since 2020, and researchers noted that it is an operation of China-based cybercriminals. The researchers also indicated that the attack targeted approximately 617...Continue Reading