Autodesk is hosting malicious PDF files that lead phishing attack victims to have their Microsoft login credentials stolen. The elaborate phishing campaign behind these attacks is much more convincing than normal, as it uses compromised email accounts to find and attack new targets. These accounts are used to send phishing emails to existing contacts, using […]
“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression […]
The Vedalia APT group has ingeniously utilized LNK files with double extensions, effectively masking the malicious .lnk extension. This tactic deceives users into believing the files are harmless, increasing the likelihood of execution.
Highly sensitive files mysteriously disappeared from EUROPOL headquarters (Pierluigi Paganini, April 03, 2024). A batch of highly sensitive files containing the personal information of top Europol executives mysteriously disappeared last summer. The website Politico reported that Europol has suffered a serious security breach: a batch of sensitive files of top law enforcement officials, including […]
Files encrypted by Rhysida ransomware can be successfully decrypted, due to an implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware: Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed in May 2023, it made its name by attacking the British Library, the […]
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor. Cisco Talos shared the key with our peers at Avast for inclusion in the Avast Babuk decryptor released in 2021. The decryptor includes all […]
Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications (Pierluigi Paganini, January 08, 2024). Documents belonging to the Swiss Air Force were leaked on the dark web as a result of a cyberattack on a US security provider. […]
The exposed API tokens had write permissions, allowing attackers to modify files in account repositories and potentially manipulate existing models, posing a significant threat to organizations and their applications.
The LockBit 3.0 ransomware group successfully encrypted files and also allegedly exfiltrated data from Egyptian e-payment provider Fawry. Word of the breach went public when LockBit published on its dedicated leak site on Nov. 8 a sample of data that was allegedly stolen during the breach of Fawry’s infrastructure. The following day, cybersecurity monitoring platform […]