‘ONNX’ MFA Bypass Targets Microsoft 365 Accounts

June 19, 2024 at 01:29PM
A phishing-as-a-service operation is targeting financial firms using advanced tactics such as 2FA bypass, QR codes, and typosquatting to compromise Microsoft 365 accounts. The origin of the campaign was traced to a platform called ONNX Store, which operates through Telegram bots. Countermeasures include blocking unverified PDF and HTML attachments, implementing …

Google Simplifies 2-Factor Authentication Setup (It’s More Important Than Ever)

May 7, 2024 at 06:36AM
Google has simplified the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts. The update includes a new two-step method and removal of the need for less secure SMS-based authentication. Additionally, users can now disable 2FA without having their enrolled second steps automatically removed. Meeting Notes …

Federal frenzy to patch gaping GitLab account takeover hole

May 2, 2024 at 10:25AM
CISA is requiring federal agencies to patch a critical vulnerability in GitLab to prevent active exploitation by attackers. The vulnerability, CVE-2023-7028, allows unauthorized account takeovers and poses a risk of software supply chain attacks. GitLab has released fixed versions, and users with two-factor authentication enabled are safe. Currently, around 2,149 GitLab …

Roku warns 576,000 accounts hacked in new credential stuffing attacks

April 12, 2024 at 11:06AM
Roku disclosed two separate incidents of account breaches in March, with approximately 576,000 accounts compromised in the latest attack. Threat actors utilized stolen login information from other platforms to execute credential stuffing attacks. While some accounts were used for unauthorized purchases, Roku confirmed no sensitive information was accessed. Additionally, the …

Activision: Enable 2FA to secure accounts recently stolen by malware

March 29, 2024 at 04:32PM
A large infostealer malware campaign is targeting gaming communities, collecting millions of logins from various gaming websites, including logins belonging to cheat users. The Phantom Overlay developer discovered a database of gaming-related accounts and estimates that several million gamers are affected. Activision Blizzard advises enabling 2FA to secure compromised accounts. The company’s servers remain secure and uncompromised amidst the …

Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers

January 15, 2024 at 12:41PM
GitLab admins must urgently apply the latest security patches due to a critical account-bypass vulnerability (CVE-2023-7028) impacting versions 16.1.0 to 16.7.1. Attackers can exploit it to send password reset emails and potentially take over accounts. Enabling 2FA is recommended as a stop-gap mitigation. Other vulnerabilities (CVE-2023-5356, CVE-2023-4812, CVE-2023-6955, and CVE-2023-2030) …

Hacker spins up 1 million virtual servers to illegally mine crypto

January 13, 2024 at 09:31PM
A 29-year-old Ukrainian man was arrested for orchestrating a massive cryptojacking scheme, using hacked accounts to create 1 million virtual servers and mine $2 million in cryptocurrency. Europol, in collaboration with Ukrainian authorities, tracked down the hacker, who is now facing criminal charges under the Criminal Code of Ukraine. Mitigating …

Mandiant Details How Its X Account Was Hacked

January 11, 2024 at 09:21AM
Mandiant’s social media account on platform X was hacked, resulting in a cryptocurrency theft campaign generating over $900,000 for cybercriminals. The attack involved promoting a fake website. The company’s investigation revealed a compromised password attack, leading to changes in their security process. Mandiant detailed the ClinkSink campaign and identified numerous …

Mandiant’s X Account Was Hacked Using Brute-Force Attack

January 11, 2024 at 04:01AM
Mandiant’s X account was compromised by a brute-force attack, enabling the intruder to spread a cryptocurrency drainer called CLINKSINK. The attack targeted Solana cryptocurrency users and utilized phishing pages to redirect victims to approve fraudulent transactions. This incident reflects a growing trend of financially motivated threat actors targeting cryptocurrency assets …

Mandiant’s X account hacked by crypto Drainer-as-a-Service gang

January 10, 2024 at 05:26PM
Mandiant, a cybersecurity firm and Google subsidiary, had its Twitter account hijacked by a Drainer-as-a-Service gang. The attacker redirected over 123,000 followers to a phishing page to steal cryptocurrency, with an estimated minimum of $900,000 in assets stolen. Verified organizations like the U.S. Securities and Exchange Commission have also been …