South Asia

South Asia Page 2

India Hackers Threat Actors Audience Restriction Abusive Content Facebook Social Media Brand Monitoring

Hackers are seen restricting views to abusive Facebook content

The researchers from iZOOlogic’s threat monitoring team had recently observed an active Facebook campaign targeting Indian clients and entities, wherein malicious and abusive content is propagated through a defined and limited audience. Several of our clients from India have reported these tactics to our threat monitoring team. However, as we attempted to view the reported...
Continue Reading
Phishing Cyberattack Adversary-in-the-Middle AitM Threat Advisory Cybersecurity BEC

A phishing attack called Adversary-in-the-Middle (AitM) discovered

Researchers from Microsoft disclosed the details of an extensive phishing operation that exclusively steals the passwords of its targets, which can also bypass MFA authentication. The new phishing strategy is called Adversary-in-the-Middle (AitM). Subsequently, the threat actors use previously stolen credentials from past attacks to operate a BEC campaign against new targets. Based on reports,...
Continue Reading
PrestaShop Ecommerce Platform Zero Day Vulnerability Exploit SQL Injection RCE

PrestaShop e-commerce platform found with a zero-day vulnerability

Threat actors abused a zero-day vulnerability to perform remote code execution against online shops that use the PrestaShop platform, aiming to steal people’s payment information. After learning about the incident, the e-commerce platform’s team immediately warned about 300,000 online shops that use their service. With the zero-day flaw tracked as CVE-2022-36408, it first targets a...
Continue Reading
Hackers Compromised Device Elastix VoIP Systems Web Shells RCE PHP Backdoor

Hackers compromised the Elastix VoIP Systems to deliver web shells

A malicious threat campaign conducted by an identified group of hackers has been targeting the Elastix VoIP telephony servers and systems to deploy multiple PHP web shells. Unfortunately, there are already more than half a million malware samples that the researchers uncovered in just three months. Based on reports, cybersecurity experts claim that the threat...
Continue Reading
Google Play Store Various Malware Infested Apps Mobile Application Trojan Infostealer

Google’s Play Store still swamped with various malware-infested apps

Despite Google’s efforts to employ advanced security measures to stop malicious applications from being uploaded to the Google Play Store, many threat actors are still finding ways to sneak their apps onto the platform to victimise the app store’s users. Nonetheless, the tech giant is still actively taking steps to find these malware-infested applications, specifically...
Continue Reading
Netwrix Auditor Flaw Vulnerability Software Abuse Hackers RCE Remote Code Execution

A newly detected Netwrix Auditor flaw allows hackers to launch RCE

Researchers have revealed new details regarding a newly discovered security flaw in the Netwrix Auditor application, which allows threat actors to compromise the Active Directory Domain. If an attacker successfully exploits the Netwrix vulnerabilities, it could result in arbitrary code execution on the impacted device. Based on a report, the service in the Netwrix Auditor...
Continue Reading
Cleartrip India Flight Booking Hacked Data Breach Airline

Cleartrip, an Indian flight booking platform, got struck by hackers

The internal systems of a renowned flight booking site in India, Cleartrip, disclosed a data breach attack that might have compromised the personal information of the yet unidentified impacted individuals. The management of the booking site also shared that they are now investigating the incident along with third-party security experts. A Cleartrip representative stated that...
Continue Reading
Phishing Kits Hacked WordPress Website Protection CMS Identity Theft

Phishing kits uploaded to hacked WordPress sites for identity theft

Threat actors abuse hacked WordPress sites in a newly discovered campaign, wherein they added PayPal phishing kits into the compromised sites to steal massive databases of personal data from victims, such as their government ID documents and photos. Since the phishing actors host their campaign on legitimate WordPress sites, they could bypass some security detection...
Continue Reading
30M School Records Vietnam Dark Web Sold Marketplace Hacker meli0das PII

Over 30M of school records in Vietnam gets sold by a hacker

A new investigation on the dark web revealed a new data breach incident in Vietnam that compromised over 30 million personally identifiable information (PII) of individuals in one of the country’s most popular schools. The unknown hacker, who called themselves meli0das, had posted the Vietnamese school’s data sale on an underground forum. Moreover, the massive...
Continue Reading
0mega Ransomware Threat Group Double Extortion Fraud Tactics Data Leak

0mega ransomware group executes double extortion tactics

A newly discovered threat group called 0mega ransomware has been spotted by researchers targeting organisations worldwide. The operators of this new malicious entity are deploying double extortion strategies that demand millions of dollars as ransom. According to the researchers, the 0mega ransomware operation started last May and claimed it had already infected several victims before...
Continue Reading
1 2 3 4 23