Network of 3,000 GitHub Accounts Used for Malware Distribution

July 25, 2024 at 07:09AM A threat actor known as Stargazer Goblin has built a network of over 3,000 GitHub accounts to distribute malware and perform malicious activities. Operating since August 2022, the network has earned over $100,000. The accounts, collectively named Stargazers Ghost Network, distribute information-stealing malware and use various tactics to evade detection …

Novel ICS Malware Sabotaged Water-Heating Services in Ukraine

July 23, 2024 at 05:05AM A new malware called FrostyGoop has been linked to an attack in January 2024 that disrupted heating services in 600 apartments in Lviv, Ukraine. This malware allows attackers to interact with industrial control systems using the Modbus protocol. The attack involved sending unauthorized commands to heating system controllers, resulting in …

Fake CrowdStrike updates target companies with malware, data wipers

July 21, 2024 at 03:34PM Cybercriminals are using CrowdStrike’s glitchy update to target companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers, urging them to verify official communications. Phishing emails exploiting the situation have been observed by researchers and government agencies. Malicious actors are distributing malware disguised as CrowdStrike updates, …

UK arrests suspected Scattered Spider hacker linked to MGM attack

July 20, 2024 at 03:09PM UK police have arrested a 17-year-old boy in connection with the 2023 MGM Resorts ransomware attack. The suspect is linked to the Scattered Spider hacking collective, known for targeting large organizations with ransomware and breaching computer networks. The arrest was made with the assistance of US FBI and National Crime …

Rite Aid Says Hack Impacts 2.2M People as Ransomware Gang Threatens to Leak Data

July 17, 2024 at 04:45AM Pharmacy chain Rite Aid discloses a data breach involving 2.2 million people, with a ransomware group threatening to leak stolen data. The breach, involving compromised credentials, occurred between June 6, 2017, and July 30, 2018. No Social Security or financial information was affected; affected individuals were offered 12 months of free credit …

Data of Millions of mSpy Customers Leaked Online

July 15, 2024 at 10:06AM Over 310GB of data from spyware maker mSpy, including 2.4 million unique emails, was leaked online and obtained by data breach notification site Have I Been Pwned. The leaked data includes user information, attachments, and support tickets from high-profile individuals. mSpy, advertised as a parental control application, has been misused …

AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers

July 12, 2024 at 04:02PM A breach of AT&T’s data on a third-party cloud platform, Snowflake, exposed phone numbers and metadata of calls and texts for nearly all AT&T wireless customers and others. The data was accessed between April 14 and 25, 2023. The stolen information, including cell site identification numbers, poses risks to privacy and security, potentially …

Eldorado Ransomware Cruises Onto the Scene to Target VMware ESXi

July 9, 2024 at 12:43PM Eldorado, a Go-based ransomware, targets Windows and VMware ESXi systems in the US across education, real estate, and healthcare. It offers an affiliate program, customizable attack techniques, and employs Golang for cross-platform capabilities. Its “living off the land” tactics make it evasive, while its ability to impact virtual machines poses …

GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel

July 9, 2024 at 07:07AM An ongoing surveillanceware operation targets military personnel in the Middle East with the Android data-gathering tool GuardZoo. More than 450 victims have been impacted, mainly in Yemen. GuardZoo, a modified version of Dendroid RAT, has over 60 commands and uses WhatsApp for distribution. It has been using the same dynamic DNS domains for C2 operations …

Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript

July 8, 2024 at 08:01AM Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510), allowing remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to …