Cybersecurity
Category Added in a WPeMatico Campaign
The emergence of ten new Android banking malware families in 2023 highlights the increasing sophistication and capabilities of these trojans, including automated transfer systems, social engineering tactics, and live screen-sharing capabilities.
Data of over a million users of the crypto exchange GokuMarket exposed Pierluigi Paganini December 15, 2023 GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes after the team discovered an unprotected MongoDB instance, […]
Dec 15, 2023NewsroomBotnet / Advanced Persistent Threat A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen Technologies, the […]
BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign Pierluigi Paganini December 15, 2023 Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) engagement with a law enforcement agency (LEA) and one of the […]
Four US residents have been charged with a series of money laundering offenses connected to a major “pig butchering” fraud syndicate. Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, of Rosemead, California; and Hailong Zhu, 40, of Naperville, Illinois, are charged with conspiracy to commit money laundering, concealment […]
Dec 15, 2023NewsroomCryptocurrency / Malware Crypto hardware wallet maker Ledger published a new version of its “@ledgerhq/connect-kit” npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company […]
Dec 14, 2023NewsroomMalware / Cyber Espionage The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved the use of an […]
Approval phishing scams have been used to steal at least $1bn in cryptocurrency since May 2021, according to a new report by Chainalysis. The researchers estimates that this technique, which is frequently used by romance scammers, has led to crypto users losing at least $374m so far in 2023. Approval phishing is a type of […]
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and […]