A North Carolina state agency that administers a fund for homeowners struggling with housing expenses lost nearly $3 million in a business email compromise (BEC) scam last year. According to court documents, the stolen funds were seized by a special agent within the United States Secret Service in September. The North Carolina Housing Finance Agency […]
A North Carolina state agency that administers a fund for homeowners struggling with housing expenses lost nearly $3 million in a business email compromise (BEC) scam last year. According to court documents, the stolen funds were seized by a special agent within the United States Secret Service in September. The North Carolina Housing Finance Agency […]
Feb 05, 2024NewsroomMalware / Financial Security The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a […]
An Iran-linked hacking group with a history of targeting Albanian state agencies and businesses said on Thursday that it was behind an attack on the country’s Institute of Statistics (INSTAT), which is responsible for census information and other official statistics. Due to the “sophisticated” cyber incident that affected INSTAT’s official website and email service, the […]
South Africa’s railway agency lost some 30.6 million rand (US$1.6 million) after the transport network fell victim to a phishing scam. In its annual report, the Passenger Rail Agency of South Africa (PRASA) said that it had recovered just over half of a the total money stolen by the criminals behind the attack. The theft […]
Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and […]
Mastodon users and administrators need to upgrade to the latest version to patch a critical vulnerability (CVE-2024-23832) that allows attackers to take over accounts remotely.
Security researchers have sounded the alarm on a new cyberattack campaign using cracked copies of popular software products to distribute a backdoor to macOS users. What makes the campaign different from numerous others that have employed a similar tactic — such as one reported just earlier this month involving Chinese websites — is its sheer […]
Feb 03, 2024NewsroomVulnerability / Social Media The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. “Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account,” the maintainers said in a terse advisory. The vulnerability, tracked […]