Industry News

Pentesting Cyber Security Firm DSIRF Subzero Malware Knotweed Microsoft

Pentesting firm DSIRF linked with Subzero malware’s development

From a recent report posted by Microsoft, the firm claimed that an Austria-based penetration testing company, DSIRF, was linked with selling spyware to clients that targets entities from Europe and Central America. A threat group called Knotweed was associated with the pentesting firm DSIRF, which has allegedly created and spread the Subzero malware against victims...
Continue Reading
Extortion Ransomware Cyberattack Campaigns 2022 Double Extortion Data Leak

Extorted money on ransomware campaigns dropped for 2022

Statistical studies on ransomware incidents show that the value of extorted money from victims has dropped for the second quarter of 2022. The analysts also added that these findings were first noticed in last year’s fourth quarter. Despite the ransomware actors increasing their average ransom payments, more and more victims refrain from paying, thus resulting...
Continue Reading
Over $343B Estimated Lost Online Fraud Five Years Cyber Threats Cybersecurity

Over $343B could be lost to online fraud in the next five years

Researchers had recently published a study that estimated more than $343 billion to be lost worldwide in the next five years due to cybercriminal groups innovating their extortion, account takeover, hacking, and identity fraud tactics. The study highlighted that this estimate is possible despite organisations’ widespread use of cybersecurity and identity verification measures. Since people...
Continue Reading
Bug Bounty Firm HackerOne Employee Stolen Reports Cybersecurity

A bug bounty firm caught an employee stealing reports to earn money

HackerOne, a vulnerability and bug bounty cybersecurity platform, had recently disclosed that one of its employees had hacked into the firm’s internal data to steal bug bounty reports and use them for side income purposes. Based on the reports about the incident, the suspect had unauthorised access to HackerOne’s internal data, which allowed them to...
Continue Reading
Brazil Operation 404 Malicious Websites Piracy US UK Illegal Downloads Pirated Videos

Brazil’s Operation 404 hunted malicious sites and piracy apps

Brazil’s law enforcement groups had commenced the fourth wave of Operation 404, which aimed to take down malicious websites and application piracy platforms. The country’s anti-piracy movement had enabled the Brazilian authorities to arrest several threat actors involved in the cybercrimes. About 226 websites and 461 pirated apps had been shut down and blocked under...
Continue Reading
Infosec Community Privacy Threat Group Windows Information Security Cybersecurity

The Infosec community targeted by a threat group that exploits Windows

A malicious threat group targets the information security (Infosec) community with phoney Windows Proof-of-Concept vulnerability. These fake exploits compromise the targeted devices with a Cobalt Strike beacon backdoor. The threat actors operating these current attacks are taking advantage of the latest repaired Windows remotely controlled exploit flaws. Moreover, a threat actor published two Proof-of-Concept exploits...
Continue Reading
UK Government Nuclear Cybersecurity Strategy Digital Risk United Kingdom Cyber Threats

The UK government deployed an improved nuclear cybersecurity strategy

The government of the United Kingdom has revealed its cybersecurity strategy for its upcoming civil nuclear sector. These plans are expected to increase security design and improve collaboration and troubleshooting. Experts stated that this move made by the UK government is a much-needed upgrade since their country boasts the oldest civil nuclear power program worldwide,...
Continue Reading
Biometrics SIM Alarms Data Security Privacy InfoSec South Africa

Biometrics-to-SIM proposal caused alarms for data security

The South African phone users have expressed their concerns about their data security after a proposal to put their biometric data on SIM cards was proposed by lawmakers in their country. A committee included the Independent Communications Authority of South Africa’s proposal in the list of draft regulations released by the watchdog for public commentary...
Continue Reading
Global Phishing Attacks Records Phishing-as-a-Service Cyber Threat SMiShing

The global phishing attacks last year have broken previous records

Phishing attacks from last year have broken previous records from the past years. Experts claimed that the emergence of phishing-as-a-service methods and new attack vectors caused this massive upsurge of the attacks. Some researchers also think that the low barrier of entry contributed to the widespread of similar attacks. Threat actors take advantage of current...
Continue Reading