New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules

August 25, 2024 at 02:36AM Cybersecurity researchers have discovered a stealthy Linux malware called sedexp, utilized by financially motivated threat actors since 2022. Noteworthy for using udev rules to maintain persistence, the malware runs upon system reboot, enabling remote access and memory modification to conceal its presence. It has been observed hiding credit card scraping …

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

August 16, 2024 at 04:55PM Millions of individuals’ sensitive personal info, including names, Social Security numbers, addresses, and phone numbers, was stolen from Florida-based National Public Data (NPD) and leaked on the dark web. The stolen info was gathered from public records, and the breach resulted in the sale and distribution of the data. NPD …

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

July 18, 2024 at 06:27AM Unknown threat actors are suspected of conducting a cyber espionage campaign using open-source tools to target government and private sector organizations across at least ten countries. The group has been observed exploiting known security flaws to gain initial access and deploying various open-source remote access capabilities and exploits. The attacks …

New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates

April 26, 2024 at 07:00AM Fake browser updates are being used to distribute an undisclosed Android malware dubbed Brokewell, described as a modern banking trojan with data-theft and remote-control capabilities. The malware disguises itself as popular apps like Google Chrome, ID Austria, and Klarna and shows resilience in evading Google’s security restrictions. The threat is …

Cybercriminals Flood Dark Web With X (Twitter) Gold Accounts

January 3, 2024 at 05:08PM Cybercriminals are targeting verified “Gold” accounts on X (previously known as Twitter) and selling them on the Dark Web for up to $2,000. CloudSEK researchers have uncovered a surge in these accounts on underground marketplaces, leading to potential risks such as hosting phishing links, launching disinformation campaigns, and financial scams. …