Cybersecurity
Category Added in a WPeMatico Campaign
Dec 24, 2023NewsroomCyber Crime / Data Breach Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent […]
The hacker group known as Cloud Atlas targeted a Russian agro-industrial enterprise and a state-owned research company in a new espionage campaign, researchers have found. Cloud Atlas is a state-backed threat actor, active since at least 2014, that mostly attacks organizations in Russia, Belarus, Azerbaijan, Turkey, and Slovenia. In its new campaign, the hackers sent […]
The MS Drainer operates through phishing websites, tricking users into approving malicious contracts and transferring their money to the attacker’s wallet address without their consent.
Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. “As with many other malicious or fake WordPress plugins […]
Introduction In January 2023, the Chameleon Banking Trojan emerged as a significant threat, employing various distribution methods to infiltrate the Android ecosystem, with a specific focus on users in Australia and Poland. Aptly named “Chameleon,” this Trojan showcases its adaptability through multiple new commands, including the examination of app package names. Its primary targets are […]
Dec 22, 2023NewsroomMalware / Cyber Threat Indian government entities and the defense sector have been targeted by a phishing campaign that’s engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. “New Rust-based payloads and encrypted PowerShell commands have been […]
The latest leak from BidenCash includes payment card credentials in plain text, but unlike the site’s previous leaks, it does not include names or emails of cardholders. BidenCash, a notorious dark web carding marketplace, has leaked over 1.6 million valid payment card data including debit and credit card details on a notorious Russian language cybercrime […]
Dec 22, 2023NewsroomSocial Engineering / Malware Analysis A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. “Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers’ unfamiliarity can hamper their investigation,” Netskope researchers Ghanashyam […]
In its latest campaign, Iranian state-backed hackers, Peach Sandstorm, employs FalseFont backdoor for intelligence gathering on behalf of the Iranian government. Cybersecurity researchers at Microsoft Threat Intelligence Unit have uncovered the latest activities of the Iranian nation-state actor Peach Sandstorm, also known as HOLMIUM. The group has been making efforts to deploy a newly developed […]