News


5.4 million Twitter users’ stolen data leaked online — more shared privately

Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug was by threat …


Backdoored Chrome extension Installed by 200,000 Roblox Players

Chrome browser extension ‘SearchBlox’ installed by more than 200,000 users has been discovered to contain a backdoor that can steal your Roblox credentials and assets. BleepingComputer has been able to analyze the extension code which indicates the presence of a backdoor, introduced either intentionally by its developer or after a compromise. Chrome extension targets Roblox players The ‘SearchBlox’ …


Fake MSI Afterburner targets Windows gamers with miners, info-stealers

Windows gamers and power users are being targeted by fake MSI Afterburner download portals to infect users with cryptocurrency miners and the RedLine information-stealing malware. The MSI Afterburner is a GPU utility that allows you to configure overclocking, create fan profiles, perform video capturing, and monitor your installed graphics cards’ temperature and CPU utilization. While …


FBI: Hive Ransomware Extorted $100M From Over 1,300 Victims

The Federal Bureau of Investigation (FBI) said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. To add insult to injury, the FBI says that the Hive gang will deploy additional ransomware payloads on the networks of victims who refuse to pay the …


Whoosh Confirms Data Breach After Hackers Sell 7.2M User Records

The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters. On Friday, a threat actor began selling the stolen data on …


Major Cyber Attacks in Review: October 2022

Major cyberattacks of the last month include data leaks, security breaches, phishing attacks, and much more. Here are the top cyber incidents of October 2022. The MyDeal Data Breach Affects 2.2M Customers, and Stolen Data is Being Sold Online  Woolworths’ MyDeal subsidiary has reported a data breach impacting 2.2 million customers. The hacker was attempting to …


Increased Healthcare Security Breaches in 2022

Data from the US government shows that there has been a significant increase in healthcare security breaches.  At least 125 data breaches of healthcare organizations have been reported since the beginning of April, according to a list compiled by the US Department of Health and Human Services (HHS).  The US Health Department Warns of Venus Ransomware  The United States Department …


Manufacturing Industry Pays the Highest Average Ransom at $2.04M

The past five years have witnessed the evolution of threat actors in ransomware. These developments, both operationally and technically, have significantly increased the damage done by ransomware groups. Ransomware gangs are no longer content with simply encrypting files and demanding ransom from the victim. They also use triple or even quadruple extortion tactics, such as publicly sharing the victim’s data …


Previously Unidentified ARCrypter Ransomware Expands Worldwide

A previously unknown ‘ARCrypter’ ransomware that compromised key organizations in Latin America is now expanding its attacks worldwide. Threat actors behind the new ransomware family attacked a government agency in Chile last August, targeting both Linux and Windows systems and appending the “.crypt” extension on encrypted files. Back then, Chilean threat analyst Germán Fernández told BleepingComputer that …


Phishing Kit Impersonates Well-known Brands to Target US Shoppers

A sophisticated phishing kit has been targeting North Americans since mid-September, using lures focused on holidays like Labor Day and Halloween. The kit uses multiple evasion detection techniques and incorporates several mechanisms to keep non-victims away from its phishing pages. According to Akamai, whose security researchers discovered the campaign, one of the most interesting features …


New Extortion Scam Threatens to Damage Sites’ Reputation, Leak Data

An active extortion scam is targeting website owners and admins worldwide, claiming to have hacked their servers and demanding $2,500 not to leak data. The attackers (self-dubbed Team Montesano) are sending emails with “Your website, databases and emails has been hacked” subjects. The emails appear to be non-targeted, with ransom demand recipients from all verticals, including …


French Furnishing Retail Giant Allegedly Hit with Ransomware

BlackCat ransomware gang listed Conforama, said to be Europe’s second-largest home furnishing retail chain, on its victim list. On its data leak site, BlackCat threat actor boasts about stealing over 1TB of Conforama’s data due to “a very low level of security and protection of their users’ data.” On November 10, the ransom gang gave …


Canadian Food Retail Giant Sobeys Hit by Black Basta Ransomware

Grocery stores and pharmacies belonging to Canadian food retail giant Sobeys have been experiencing IT systems issues since last weekend. Sobeys is one of two national grocery retailers in Canada, with 134,000 employees servicing a network of 1,500 stores in all ten provinces under multiple retail banners, including Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, …


Outlook and Thunderbird accounts targeted with novel malware

Previously unknown StrelaStealer malware hunts for mail login data from popular email clients such as Outlook and Thunderbird. The purpose-built malware researchers discovered in November 2022 targets explicitly mail login data, analysts from DCSO CyTec claim. Dubbed StrelaStealer, referencing Strela surface-to-air missile launcher, the malware might be a part of a larger targeted attack. “DCSO …


Malware on the Google Play Store Leads to Harmful Phishing Sites

A family of malicious apps from developer Mobile apps Group are listed on Google Play and infected with Android/Trojan.HiddenAds.BTGTHB. In total, four apps are listed, and together they have amassed at least one million downloads. Older versions of these apps have been detected in the past as different variants of Android/Trojan.HiddenAds. Yet, the developer is still on Google Play dispensing its latest …


Robin Banks Phishing Service Returns to Steal Banking Accounts

The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells Fargo, PNC, U.S. …


LockBit Responsible for 1/3 of Ransomware Attacks Targeting Financial Industry

In the first eight months of 2022, the SOCRadar CTIA Team examined 1,700 ransomware threats published on dark web forums and hacker channels. 4.5% of these posts were related to the financial industry, targeting financial institutions, banks, and the cryptocurrency industry. The financial industry is among the most vulnerable to ransomware incidents. SOCRadar analyzes threats in this industry to raise awareness …


iOS Bug Lets Apps Record Siri Conversations

For anyone who thought their conversations with Siri were sacred and keyboard dictation recordings were secure, a new analysis found a flaw in the iOS Bluetooth that could allow someone to grab audio from both.  The find is from researcher Guilherme Rambo, who published details of an Apple iOS flaw he calls “SiriSpy,” tracked under CVE-2022-32946. It would let a …


Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a report shared with The Hacker News. The dropper “is being used to install a new backdoor …


British Hacker Charged for Allegedly Running The Real Deal Dark Web Market

A British hacker who brought the entire nation of Liberia offline more than seven years ago was arraigned before a US federal court today, facing new charges of access device fraud and money laundering conspiracy.  The hacker, Daniel Kaye, has been accused of operating a dark web marketplace called The Real Deal for stolen login information for …


Actively exploited Windows MoTW zero-day gets unofficial patch

A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings in Windows 10 and Windows 11. Last weekend, BleepingComputer reported that threat actors were using stand-alone JavaScript files to install the Magniber ransomware on victims’ devices. When a user downloads a file from the Internet, …


Student arrested for running one of Germany’s largest dark web markets

Germany’s Federal Criminal Police Office (BKA) has arrested a 22-year-old student in Bavaria, who is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW), one of the largest darknet markets in the country. The platform had already gone offline in March 2022, with 16,000 registered users, 28,000 posts, and 72 high-volume sellers of …


Android malware droppers with 130K installs found on Google Play

A set of Android malware droppers were found infiltrating the Google Play store to install banking trojans pretending to be app updates. Malware droppers are a challenging category of apps to stop because they do not contain malicious code themselves and thus can more easily pass Google Play reviews when submitted to the store. At …


‘Fully undetectable’ Windows backdoor gets detected

SafeBreach Labs says it has detected a novel fully undetectable (FUD) PowerShell backdoor, which calls into question the accuracy of threat naming. More significantly, the malware may backdoor your Windows system by masquerading as part of the update process. Tomer Bar, director of security research at SafeBreach, explains in an advisory that the software nasty and associated …


TommyLeaks and SchoolBoys: Two sides of the same ransomware gang

Two new extortion gangs named ‘TommyLeaks’ and ‘SchoolBoys’ are targeting companies worldwide. However, there is a catch — they are both the same ransomware gang. Last month, security researcher MalwareHunterTeam tweeted about a new extortion gang known as ‘TommyLeaks.’ This hacking group claims to breach corporate networks, steal data, and demand a ransom not to leak data. …


Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system

Iran’s atomic energy agency revealed on Sunday that a nation-state actor had access to a subsidiary’s network and free access to its email system, the Associated Press reports. The hacker group, which calls itself Black Reward announced the hack of the Atomic Energy Organization on Telegram and shared files of contracts, construction plans, and details about …


Thousands of GitHub Repositories Deliver Fake PoC Exploits with Malware

Researchers at the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that provide fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. GitHub is one of the largest code-hosting platforms, and researchers use it to publish PoC exploits so that the security community can review fixes for …


Hackers say they stole 1.4TB of data from UK’s Kingfisher Insurance

The newly discovered Android malware has been confirmed to have infected approximately 20 million users. This malware, called Clicker, was injected into the Google Play Store using 16 different malicious applications. Clicker Campaign McAfee researchers have announced that this malware is disguised as a legitimate utility and targets Android phone users. These tools include …


New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. “Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode execution, and run …


Microsoft Data Breach, Sensitive Information Exposed From Misconfigured Server

Security researchers at threat intelligence firm SOCRadar notified Microsoft on September 24, 2022 about a misconfiguration of Microsoft endpoints. Confidential information of some Microsoft customers was exposed by improperly configured servers. “This misconfiguration could have resulted in unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospects. B. Planned …


DeepFakes Are The Cybercriminal Economy’s Latest Business Line

According to cybersecurity experts, this may be used for political propaganda, foreign influence activity, disinformation, scams, and fraud. Introduced to the public by Canadian researchers in 2014, Generative Adversarial Networks (GANs) typically imitate people’s faces, speech, and unique facial gestures; they have become known to online communities as DeepFakes. One of the recently identified underground …


Caffeine, a new Phishing-as-a-Service toolkit available in the underground

The service includes self-service mechanisms to craft customized phishing kits, manage intermediary redirect pages and final-stage lure pages, dynamically generate URLs for hosted malicious payloads, and track campaign email activity. Unlike most PhaaS platforms, Caffeine features an entirely open registration process, which means that anyone with an email could register for their services. “Unlike most …


Hackers stole data from US defense org using Impacket, CovalentStealer

The compromise lasted for about ten months, and it is likely that multiple advanced persistent threat (APT) groups compromised the organization, some of them gaining initial access through the victim’s Microsoft Exchange Server in January last year. Entities in the Defense Industrial Base Sector provide products and services that enable support and deployment of military …


OnionPoison: infected Tor Browser installer distributed through popular YouTube channel

While performing regular threat hunting activities, we identified multiple downloads of previously unclustered malicious Tor Browser installers. According to our telemetry, all the victims targeted by these installers are located in China. As the Tor Browser website is blocked in China, individuals from this country often resort to downloading Tor from third-party websites. In our …


New Android malware ‘RatMilad’ can steal your data, record audio

The RatMilad spyware was discovered by mobile security firm Zimperium who warned that the malware could be used for cyber espionage, extortion, or to eavesdrop on victim’s conversations. “Similar to other mobile spyware we have seen, the data stolen from these devices could be used to access private corporate systems, blackmail a victim, and more,” warned …


Unofficial WhatsApp Android app caught stealing users’ accounts

A new version of an unofficial WhatsApp Android application named ‘YoWhatsApp’ has been found stealing access keys for users’ accounts. YoWhatsApp is a fully working messenger app that uses the same permissions as the standard WhatsApp app and is promoted through advertisements on popular Android applications like Snaptube and Vidmate. The app includes additional features over …


Toyota customer data exposed as dev published key on GitHub

Toyota confirmed that data of almost 300,000 of its customers leaked online after the company’s developer published the source code of the user site on GitHub five years ago. The world’s largest car manufacturer, Toyota, apologized for leaking the details of 296,019 of its customers since 2017. The leaked data included email addresses and customer …


Germany Arrests Hacker for Stealing €4 Million via Phishing Attacks

One of the three individuals, a 24-year-old German citizen, has been arrested and charged, while a second one, a 40-year-old, was also charged with 124 acts of computer fraud. Investigations on the third suspect are still ongoing. Based on the evidence gathered by the German Computer Crime Office, the phishing operations attributed to the charged …


Hackers use PowerPoint files for ‘mouseover’ Malware Delivery

A report from threat intelligence company Cluster25 says that APT28 (a.k.a. ‘Fancy Bear’), a threat group attributed to the Russian GRU (Main Intelligence Directorate of the Russian General Staff), have used the new technique to deliver the Graphite malware as recently as September 9. The threat actor lures targets with a PowerPoint (.PPT) file allegedly linked to the Organization …


Hacking Group Hides Backdoor Malware Inside Windows Logo Image

Witchetty is believed to have close ties to the state-backed Chinese threat actor APT10 (aka ‘Cicada’). The group is also considered part of the TA410 operatives, previously linked to attacks against U.S. energy providers. Symantec reports that the threat group is operating a new cyberespionage campaign launched in February 2022 that targeted two governments in the Middle East …


New Erbium Password-stealing Malware Spreads as Game Cracks, Cheats

Erbium is a new Malware-as-a-Service (MaaS) that provides subscribers with a new information-stealing malware that is gaining popularity in the cybercrime community thanks to its extensive functionality, customer support, and competitive pricing. Researchers at Cluster25’s team were the first to report on Erbium earlier this month, but a new report by Cyfirma shares further information on how the password-stealing …


Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

Sold on the dark web for €189 a month, Quantum Builder is a customizable tool for generating malicious shortcut files as well as HTA, ISO, and PowerShell payloads to deliver next-stage malware on the targeted machines, in this case Agent Tesla. The multi-stage attack chain starts with a spear-phishing email containing a GZIP archive attachment that includes a …


Hackers Now Sharing Cracked Brute Ratel Post-Exploitation Kit Online

The Brute Ratel post-exploitation toolkit has been cracked and is now being shared for free across Russian-speaking and English-speaking hacking communities. For those unfamiliar with Brute Ratel C4 (BRC4), it is a post-exploitation toolkit created by Chetan Nayak, an ex-red teamer at Mandiant and CrowdStrike. Red teamers are cybersecurity professionals whose job is to try and breach …


Ransomware gang leaks data stolen from LAUSD school system

The Vice Society ransomware gang posted data and files Sunday morning that had been stolen from the Los Angeles Unified School District during a cyberattack earlier this month. LAUSD superintendent Alberto M. Carvalho confirmed the release of stolen data in a statement posted to Twitter, along with announcing a new hotline …


Microsoft to let Office 365 users report Teams phishing messages

Microsoft is working on updating Microsoft Defender for Office 365 to allow Microsoft Teams users to alert their organization’s security team of any dodgy messages they receive. Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations from malicious threats from email messages, links, and collaboration tools. …


Critical WhatsApp vulnerabilities patched: Check if you’re updated!

WhatsApp has fixed two remote code execution vulnerabilities in its September update, according to its security advisory. These could have allowed an attacker to remotely access a device and execute commands from afar. These versions of WhatsApp are affected by at least one of the vulnerabilities: WhatsApp for Android prior to v2.22.16.12 WhatsApp Business for Android prior …


New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. “The payload determined is a leaked model of a Cobalt Strike beacon,” Cisco Talos researchers Chetan Raghuprasad and Vanja Svajcer said in a new analysis …


New Warnings from Ukraine About Looming Russian Cyberattacks

The Ukrainian government’s Computer Emergency Response Team (CERT-UA) published new recommendations Thursday, warning that its experts had identified software vulnerabilities that could allow Russian cyber actors to get deep inside a computer network. The advisory further warned that the vulnerabilities could allow Russia to launch a renewed series of targeted cyberattacks on Ukraine aimed at …


Optus: How a massive data breach has exposed Australia

Some experts say it may be the worst data breach in Australia’s history. But this week has seen more dramatic and messy developments – including ransom threats, tense public exchanges and scrutiny over whether this constituted a “hack” at all. It’s also ignited critical questions about how Australia handles data and privacy. The alarm was …


Bjorka, the Online Hacker Trying to Take Down the Indonesian Government

The first that Indonesia heard about the hacker now known as Bjorka came when news broke at the beginning of September of a massive data leak. Some 1.3 billion SIM card registration details were stolen and listed for sale on a dark web online marketplace. The data was harvested in part as a result of …


Sephora Pays $1.2m Fine Under Californian Data Privacy Law

French retailer Sephora became the first company to be penalized under the California Consumer Privacy Act (CCPA) for not disclosing to consumers that it sells their personal information, failing to respect users’ Global Privacy Control as an opt-out, and neglecting to correct these infractions by the deadline. The $1.2 million penalty is part of a settlement, so …


Australia Phones Cyber-Attack Exposes Personal Data

The breach exposed customers’ names, dates of birth, phone numbers and email addresses. The company – which has more than ten million subscribers – says it has shut down the attack but not before other details such as driver’s licences and passport numbers were hacked. Optus says payment data and account passwords were not compromised. …


Indonesia Set to Pass New Data Privacy Law After Spate of Leaks

Data operators could face up to five years in jail and a maximum fine of 5 billion rupiah ($337,000) for leaking or misusing private information, according to Indonesia’s new data privacy bill set to be passed by parliament this week.  Institutions may collect personal information for a specific purpose but must erase the record once …


Uber Investigating Breach of Its Computer Systems

Uber discovered its computer network had been breached on Thursday, September 15th, 2022, leading the company to take several of its internal communications and engineering systems offline as it investigated the extent of the hack. The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent …


Hackers Had Access to LastPass’s Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. “There is no evidence of any threat actor activity beyond the established timeline,” LastPass CEO Karim Toubba said in an update shared on September …


Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors like Kinsing use both recently discovered and legacy vulnerabilities in Oracle WebLogic Server to propagate cryptocurrency mining malware. Cybersecurity firm Trend Micro said it has found that financially motivated groups are using vulnerabilities to drop Python scripts with the ability to disable operating system (OS) security features such as Security-Enhanced Linux (SELinux). …


Hacker sells stolen Starbucks data of 219,000 Singapore customers

The Singapore division of Starbucks, the popular American coffeehouse chain, has admitted that it suffered a data breach incident impacting over 219,000 of its customers. The first clue that they were breached came on September 10, when a threat actor offered to sell a database containing sensitive details of 219,675 Starbucks customers on a popular …


New malware bundle self-spreads through YouTube gaming videos

A new malware bundle uses victims’ YouTube channels to upload malicious video tutorials advertising fake cheats and cracks for popular video games to spread the malicious package further. The self-spreading malware bundle has been promoted in YouTube videos targeting fans playing FIFA, Final Fantasy, Forza Horizon, Lego Star Wars, and Spider-Man. These uploaded videos contain links …


Government Demands Better Private-Sector Cybersecurity Amid ‘Bjorka’ Data Breaches

A string of hacks that breached Indonesia’s cybersecurity, carried out by a hacker named Bjorka who leaked the data of state officials and government institutions, continues to be the main focus of Minister of Communication and Informatics Johnny G. Plate. Earlier, a Twitter account believed to be run by the hacker explained the reasons behind the series of data breaches. Bjorka insisted that data protection policy …

Pemerintah Menuntut Keamanan Siber Sektor Swasta yang Lebih Baik di Tengah Pelanggaran Data ‘Bjorka’ Read More »

Pole Emploi France

Hackers abuse government servers to steal job seekers’ data

The attackers used the servers of Pôle Emploi, an employment agency of the French government, to trick users into divulging their credentials. Discovered by researchers at threat detection firm Vade, the exploit allowed hackers to hide phishing links in legitimate documents sent from legitimate government servers. The attack was carried out through Pôle Emploi, a …


GIFShell – New Attack Method That Allows Attackers to Steal Data Using Microsoft Teams GIFs

A cybersecurity consultant and pentester, Bobby Rauch, recently discovered that threat actors are abusing Microsoft Teams by executing phishing attacks using a new attack technique known as GIFShell, which uses GIFs to execute covert commands for the purpose of stealing data. With the use of this new method, attackers can create complex attacks that exploit a variety of …


Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in 5 Million Attempts

A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed. “This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information,” it said. BackupBuddy allows users to back up their entire WordPress installation from within the dashboard, including theme …


Lampion malware returns in phishing attacks abusing WeTransfer

The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. WeTransfer is a legitimate file-sharing service that can be used free of charge, so it’s a no-cost way to bypass security software that may not raise alerts about the URLs used in emails. In …


Holiday Inn owner admits to being breached

InterContinental Hotels Group (IHG), the owner of many hotel brands, including Holiday Inn, said parts of the company’s technology systems have been subject to unauthorized activity. “IHG’s booking channels and other applications have been significantly disrupted since yesterday, and this is ongoing,” the company said on Tuesday. It disclosed the breach to the London Stock …


KPU Data Allegedly Leaked, 105 Million Valid Records Sold Online

Another data leak has occurred in Indonesia, this time involving the KPU. On Tuesday, September 6, 105 million records of Indonesian residents, allegedly belonging to the KPU, were found shared on the online forum “Breached Forums”. The data was uploaded by a forum member with the username “Bjorka” and offered for sale at 5,000 US dollars (Rp 74.4 million). In …

Fitness platform suffers major breach, revealing user data and sensitive photos

Move With Us – a fitness platform that offers women’s health and fitness programs – suffered a data breach, possibly exposing sensitive information and revealing progress photos of users. An error occurring on the customer profile page allowed users to log in to other peoples’ profiles, giving them access to emails, addresses, phone numbers, names, …


Cyber Security Stocks are Beating the Market in a Volatile Economy

Economic concerns were a major theme across the technology industry during second-quarter earnings season, as companies cautioned about slower spending on ads, gadgets, e-commerce and software. But with interest rates rising and inflation stuck near a 40-year high, one part of the tech sector is still showing booming demand: cybersecurity. Earnings reports this week from CrowdStrike and SentinelOne pleasantly surprised …


Samsung Admits Data Breach that Exposed Details of Some U.S. Customers

South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. “In late July 2022, an unauthorized third-party acquired information from some of Samsung’s U.S. systems,” the company disclosed in a notice. “On or around …


Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validation in Mojo, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process communication …


347 GB of Indonesian Company Documents Sold Online

Data containing documents from thousands of companies in Indonesia has leaked and is being traded online. The source of the leak is still unknown. It was traced to a dark web post titled “347GB Confidential documents of 21.7K Indonesia Companies + Foreign Companies (branch)”. The site is located at breached(dot)xx, a hacker forum site similar to …

Over 1,800 iOS and Android apps leak AWS credentials

Flawed Android and iOS app developer practices could allow attackers to access private Amazon Web Services (AWS) credentials, researchers say. Android and iOS apps were found to contain hard-coded AWS credentials, a flaw malicious actors could use to penetrate private databases, resulting in personal data loss and data breaches. Researchers at Broadcom Software identified 1,859 publicly …


Hackers exploit users’ desire to get verified by Instagram

Threat actors take advantage of Instagram’s highly sought-after verification program to harvest user credentials. Cybersecurity company Vade discovered a sophisticated and targeted phishing campaign designed to lure Instagram users into a trap and harvest their personal information and account credentials. It all starts with an email saying that your Instagram account has been reviewed and …


Hackers Using Fake DDoS Protection Pages to Distribute Malware

WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. “A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware,” Sucuri’s Ben Martin said in a …


LastPass Suffers Data Breach, Source Code Stolen

Cyberattackers have compromised the internal systems of LastPass, making off with source code and intellectual property. LastPass is a freemium password manager that stores encrypted passwords online. The standard version of LastPass comes with a web interface, but also includes plugins for various web browsers and apps for many smartphones. It also includes support for …


Major Data Breach Cases in Indonesia in Past 2 Years

1. Healthcare and Social Security Agency (BPJS Kesehatan)  In May, the personal data of BPJS Kesehatan users was sold in an online forum known as Raid Forums for the price of 0.15 bitcoins by a user called ‘Kotz.’ Tempo confirmed this to cybersecurity expert from Vaksincom, Alfons Tanujaya, to which he answered: “It seems to be confirmed,” on May 20, 2021.  Not long …


Cyber attackers disrupt services at French hospital, demand $10 million ransom

A hospital southeast of Paris has been targeted by a cyber attack, causing disruption to its services. Nurses are having to file data by hand. The hackers have demanded a $10 million ransom to unblock the system, but the hospital’s director says it will not pay. The IT system at the hospital centre in Corbeil-Essonnes has been virtually …


Another Data Breach Occurs, This Time Hitting PT Jasa Marga

News of a data leak has surfaced again, this time affecting an Indonesian company, PT Jasa Marga. According to a report circulating widely on social media, PT Jasa Marga’s data allegedly leaked and was obtained by a hacker. The alleged PT Jasa Marga data leak was first revealed by the Twitter account @FalconFeedsio on Wednesday (24/8) afternoon. “A vendor on a hacker forum has added Toll Operator …

Hackers Target Hotel and Travel with Fake Reservations

A hacker tracked as TA558 has upped their activity this year, running phishing campaigns that target multiple hotels and firms in the hospitality and travel space. The threat actor uses a set of 15 distinct malware families, usually remote access trojans (RATs), to gain access to the target systems, perform surveillance, steal key data, and …


More than 17 Millions PLN Data is Listed for Sale on Hacker Forum

Indonesia is in the midst of yet another major data breach scandal, this time involving state utility firm PLN as well as numerous other companies based in the country. Alleged data leaks have occurred again in Indonesia. This time, more than 17 million customer data of PLN or the State Electricity Company were sold on …


Impact of Cyber Attacks on Startups and How Founders can Protect Their Business

After the pandemic, every company, irrespective of the industry, has been compelled to undertake digital business operations to keep things going. While that bodes well for their future as well as the convenience of the customers/clients from a business perspective, the transition has also given a wider range of targets to strike at. Hackers have …


Cyber Attacks are Increasing, The Cost of a Data Breach is Increasing

If you think the pace of cyber attacks is increasing, you’re not wrong. According to Check Point Software, the average number of weekly attacks faced by organizations in the second quarter was up 32 per cent compared to the same period last year. In part that’s due to threat actors trying to take advantage early in the …


Messages Sent Through Zoom Can Expose People to Cyber-Attack

Zoom, the videoconferencing platform that has become a staple for connection and communication since the onset of COVID-19, has revealed four recent security vulnerabilities. The vulnerabilities could be exploited to compromise users over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and executing malicious code. The four vulnerabilities, ranging from 5.9 to …


NHS Ransomware Attack: what happened and how bad is it?

The National Health Service (NHS) is the umbrella term for the publicly funded healthcare systems of the United Kingdom (UK). Since 1948, they have been funded out of general taxation. There are three systems which are referred to using the “NHS” name (NHS England, NHS Scotland and NHS Wales). Health and Social Care in Northern Ireland was created separately and is often locally referred to as …


Twitter Confirms Zero-Day Bug That Exposed 5.4M Accounts

The compromised profiles, which were earlier put on sale in a cybercrime forum, were breached after a now-patched bug allowed anyone to enter a phone number or an email address of a user and learn if that information was connected to an existing Twitter account and, if so, which specific account. ISMG could not independently …


Two terabytes of data released as hackers strive to expose companies’ environmental damage

The hacking collective Guacamaya hacked and released over two terabytes of data from five mining companies and two public agencies in Central and South America to expose the negative environmental developments in the area. A collection of files and emails was released from two public agencies (from Colombia and Guatemala,) as well as five private …


Crypto Bridge Nomad Loses $190M in Free-For-All Attack

Dozens of hackers converged on trading platform Nomad to drain nearly $200 million in digital assets held by the U.S. cryptocurrency firm in an attack described by an observer as a “frenzied free-for-all.” The attack, discovered late Monday afternoon, vaults Nomad into the upper tier of cross-chain bridge hacking victims. Cross-chain bridges perform a vital cryptocurrency service …


As Microsoft blocks Office macros, hackers find new attack vectors

Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments. VBA and XL4 Macros are small programs created to automate repetitive tasks in Microsoft Office applications, which threat actors …


Uber dodges lawsuit by taking blame for data breach

Uber has admitted responsibility for a data breach in 2016 that exposed millions of its users to malicious hackers to avoid prosecution, the US Department of Justice has disclosed. “Uber Technologies has entered a non-prosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the …


Attackers exploit PrestaShop vulnerability to steal payment data

Threat actors target the e-commerce platform by exploiting a zero-day vulnerability that allows them to execute arbitrary instructions. PrestaShop, an open-source e-commerce platform hosting over 300,000 shops, ran into a ‘major security vulnerability.’ Attackers discovered a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites. “Malicious actors …


T-Mobile to pay $350m for a massive data breach

T-Mobile will pay $350 million in settlement following the 2021 hack, which exposed 76.6 million US residents’ data. Back in August 2021, T-Mobile reported a data breach after an online forum said that the personal data of more than 100 million of the company’s users was leaked. The breached data (which came from T-Mobile’s servers) included not …


Cloudflare named the botnet behind record-breaking DDoS attack

Cloudflare says that the Mantis botnet is responsible for the 26 million requests-per-second HTTPS DDoS attack, the largest on record. Cloudflare claims the largest distributed denial-of-service (DDoS) attack was the work of a botnet the company dubbed ‘Mantis.’ The name alludes to a Mantis shrimp, a small yet powerful crustacean. “Similarly, the Mantis botnet operates a small …


Security Threat and System Vulnerability Warning

Android is a mobile phone operating system that uses several functions of KeyguardServiceWrapper.Java and related files to briefly view what lies beneath the lock screen, which can lead to privilege escalation and in turn to further exploitation. Lockscreen ByPass is an attempt to exploit or force unexpected behavior from processes that are not directly on the lockscreen …

CISA orders agencies to patch new Windows zero-day used in attacks

CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild. This high severity security flaw (tracked as CVE-2022-22047) impacts both server and client Windows platforms, including the latest Windows 11 and Windows Server 2022 releases. Microsoft has patched it as …


‘Callback’ Phishing Campaign Impersonates Security Firms

Victims instructed to make a phone call that will direct them to a link for downloading malware. A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is …


Millions affected as ransomware knocks out French telecom firm

Seven days after the breach, French telecom company La Poste Mobile still hasn’t recovered from the attack by LockBit ransomware. The mobile phone network owned by the French Post was hit with a ransomware attack on 4 July, severely disrupting the company’s administrative and management services. Users trying to access La Poste Mobile’s website are …


U.S. Healthcare Orgs Targeted with Maui Ransomware

State-sponsored actors are deploying the unique malware–which targets specific files and leaves no ransomware note–in ongoing attacks. Several federal agencies are warning healthcare organizations that they are under threat of attacks from North Korean state-sponsored actors employing a unique ransomware that targets files with surgical precision, according to U.S. federal authorities. Threat actors from North …


Clever phishing method bypasses MFA using Microsoft WebView2 apps

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal a victim’s authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. With the large number of data breaches, remote access trojan attacks, and phishing campaigns, stolen login credentials have become abundant. However, the increasing adoption of multi-factor authentication (MFA) …
