An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the Feds, as part of a multiyear cyber espionage campaign aimed at stealing military secrets. The US Departments of Treasury and State are among those compromised in the elaborate campaign, which lasted […]
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites Pierluigi Paganini April 22, 2024 Japan’s CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan’s CERT warned that the WordPress plugin Forminator, developed by WPMU DEV, is affected by multiple vulnerabilities, including a […]
Dozens of environments and hundreds of individual user accounts have already been compromised in an ongoing campaign targeting Microsoft Azure corporate clouds. The activity is in some ways scattershot — involving data exfiltration, financial fraud, impersonation, and more, against organizations in a wide variety of geographic regions and industry verticals — but also very honed, […]
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign. The existence of the botnet, dubbed KV-botnet, was first disclosed by the […]
Hundreds of network operators’ credentials found circulating in Dark Web Pierluigi Paganini January 30, 2024 Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC are available on the dark web, Resecurity warns. Resecurity conducted a thorough scan of the Dark Web and identified over 1,572 compromised customers of RIPE, Asia-Pacific Network Information […]
Attackers have used hundreds of fake profiles on LinkedIn — many very convincing — to target professionals at companies in Saudi Arabia, not only for financial fraud, but to convince employees in specific roles to provide sensitive corporate information. In a presentation at the Black Hat Middle East and Africa conference last month, researchers said […]
Between April 2019 and February 2023, Golshan defrauded “hundreds” of people via various online scams and digital account thefts, according to prosecutors. Over the nearly four-year period, he stole about $740,000 from more than 500 people.
App used by hundreds of schools leaking children’s data Pierluigi Paganini November 24, 2023 Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews research team discovered that IT company Appscook – which develops […]
Threat actors are targeting hundreds of banking customers in Latin America with a new variant of an existing banking Trojan that replicates the interfaces of more than 40 Mexican and Brazilian banks. The campaign is aimed at tricking infected victims into giving up two-factor authentication (2FA) and/or payment-card details so attackers can hijack their bank […]
- 1
- 2