Security

Researchers have warned of a new multi-factor authentication (MFA) phishing campaign targeting thousands of users, including a large share of C-suite executives. The group behind it sent at least 120,000 phishing emails to hundreds of organizations across the globe between March and June this year, according to Proofpoint. These emails typically impersonate legitimate trusted services
The UK’s financial regulator has warned consumers to be on the lookout for loan fee fraudsters after revealing new research claiming that many Brits are worried about their finances this summer. The Financial Conduct Authority (FCA) said it polled 2000 adults in late July and found that 55% are more concerned about their bank balance
UK organizations lost billions in data breaches between 2019 and 2022, with hundreds of millions of their customers suffering compromise of their personal information, according to a new analysis from Imperva. The security vendor studied 99,490 breaches reported to the Information Commissioner’s Office (ICO) between April 2019 and December 2022, as well as the “most
The Clop ransomware group has begun offering access to data stolen in MOVEit attacks via torrents, it has emerged. Security researcher Dominic Alvieri revealed the news on Twitter, with screenshots showing several big-name victims whose data is being made available via P2P sharing. Among the corporate names on that list were investment firm Putnam, Iron Bow Technologies
A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, eth-tester and databases. The campaign, dubbed VMConnect, was uncovered by ReversingLabs and started around July 28, 2023, with the continuous posting of new malicious PyPI packages daily. The
A stealthy malware has been discovered on npm, the popular package manager for JavaScript, that poses a severe threat by exposing sensitive developer data. The findings come from cybersecurity firm Phylum, who said that on July 31 2023, their automated risk detection platform raised an alert regarding suspicious activities on npm. Over the course of a
by Paul Ducklin Back in August 2016, Heather Morgan, a.k.a. Razzlekhan, a.k.a. the Crocodile of Wall Street (actually, there’s a double-barrelled expletive in front of the word ‘crocodile’, but this is a family-friendly website so we’ll leave you to extrapolate for yourself), and her husband Ilya Lichtenstein got their hands on 120,000 of your finest
Threat intelligence experts from Group-IB have shed light on the hacktivist collective known as Mysterious Team Bangladesh. In a report published today, the firm analyzed the group’s history, tactics and targets, providing vital insights into its operations. Mysterious Team Bangladesh emerged in 2020 but gained international recognition in 2022 after conducting cyber raids against high-profile
A new and sophisticated malware campaign named “P2Pinfect” has been observed targeting publicly-accessible deployments of the Redis data store. According to a technical write-up published on Monday by Cado Security Labs, the malware is written in Rust, making it challenging to analyze due to the programming language’s complexities. For context, in the time between Cado Security
The Android spyware known as SpyNote has been targeting financial institutions since late 2022 while expanding its capabilities to carry out bank fraud.  Security researchers at Cleafy have recently shared new findings about SpyNote, saying the malware exploits Accessibility services and various Android permissions to conduct multiple malicious activities.  SpyNote distribution occurs through email phishing
New research has highlighted the severe risks posed by forged certificate attacks, which can lead to unauthorized access to important company resources. These attacks, known as the Shadow Credentials technique, involve attackers exploiting certain parts of a system called Active Directory (AD) that manages user access to various services. Kaspersky cybersecurity expert Alexander Rodchenko conducted
CardioComm Solutions, a Canadian medical provider of consumer heart monitoring and medical ECG software solutions, has disclosed a cybersecurity incident on Tuesday that occurred on the company’s servers. To address the situation, CardioComm said it is collaborating closely with KPMG-EGYDE, relevant authorities and third-party cybersecurity experts.  The company assures its customers that there is no evidence
by Paul Ducklin ONE WEEK, TWO BWAINS Apple patches two zero-days, one for a second time. How a 30-year-old cryptosystem got cracked. All your secret are belong to Zenbleed. Remembering those dodgy PC/Mac ads. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.
The threat of vendor email compromise (VEC) attacks has escalated, with recent data showing a sharp increase in such cyber-threats.  According to a new report published by cybersecurity firm Abnormal Security earlier today, VEC attacks – a variant of business email compromise (BEC) – pose a significant risk to organizations worldwide. These attacks impersonate trusted
Infoblox has unveiled crucial updates on the “Decoy Dog” remote access trojan (RAT) toolkit in a new threat report published today.  Initially discovered and disclosed in April 2023, Decoy Dog has proven to be more sophisticated than previously thought, using DNS for command-and-control (C2) and is suspected to be employed in ongoing nation-state cyber-attacks. Following Infoblox’s