A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed. APT28 (aka Strontium, Forest Blizzard) has been using GooseEgg since potentially as far back as April 2019 to exploit CVE-2022-38028, Microsoft said in a new […]
Former Google engineer Linwei Ding has been charged with stealing trade secrets related to artificial intelligence (AI) and supercomputing data centres while secretly working for Chinese companies.
Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping Pierluigi Paganini February 01, 2024 A US man has been sentenced to federal prison for his role in a fraudulent scheme that resulted in the theft of millions of dollars through SIM swapping. Daniel James Junk (22) of Portland was […]
Jan 03, 2024NewsroomMalware / Data Theft Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access […]
Reportedly, the ransomware operators breached HSE by stealing passwords for HSE’s systems from an unprotected cloud storage instance. So far, the organization has not received a ransom demand but stated that it might be too early for this.