Thousands of Car Dealerships Stalled Out After Software Provider Cyberattack

June 20, 2024 at 06:01PM A supply chain cyberattack on CDK Global forced numerous car dealerships to close on a busy sales day. Some dealerships lost online access, while others relied on paper records. CDK took systems offline as a precaution and is conducting tests for restoration. Security experts suspect ransomware and suggest ongoing cyber …

New Warmcookie Windows backdoor pushed via fake job offers

June 11, 2024 at 11:20AM A new Windows malware called ‘Warmcookie’ is being spread through fake job offer phishing campaigns to infiltrate corporate networks. It is capable of machine fingerprinting, screenshot capturing, and deploying additional payloads. The threat actors create new domains weekly and utilize compromised infrastructure to send phishing emails. Warmcookie gathers victim information, …

Cybercriminals pose as “helpful” Stack Overflow users to push malware

May 29, 2024 at 07:25PM Cybercriminals have been using Stack Overflow to spread malware, posing as helpful contributors answering users’ questions about a PyPI package named ‘pytoileur’ which actually installs Windows information-stealing malware. This malicious package is part of the ‘Cool package’ campaign and was promoted through typo-squatting and Stack Overflow answers. Developers are urged …

Arc browser’s Windows launch targeted by Google ads malvertising

May 25, 2024 at 07:33PM Cybercriminals capitalized on the release of the Arc web browser for Windows by launching a Google Ads malvertising campaign, tricking users into downloading trojanized installers that infect them with malware. The malicious ads led to typo-squatted domains, where users unknowingly downloaded malware through trojanized installers. Malwarebytes recommends caution and verification …

New BiBi Wiper version also destroys the disk partition table

May 20, 2024 at 12:10PM The BiBi Wiper malware’s new variants are targeting Israeli and Albanian systems, linked to an Iranian hacking group named ‘Void Manticore.’ Check Point Research uncovered newer variants and operational overlaps involving another Iranian threat group. The malware is designed to complicate data restoration efforts, significantly extending downtime for targeted victims …

Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms

May 17, 2024 at 05:54AM The US government has charged, seized funds, and made arrests in an effort to disrupt a North Korean scheme involving IT workers infiltrating companies. The workers stole identities to secure jobs and diverted their earnings to fund North Korea’s nuclear program. Two individuals have been arrested, with rewards offered for …

Five charged for cyber schemes to benefit North Korea’s weapons program

May 16, 2024 at 03:24PM The U.S. Justice Department charged five individuals, including a U.S. citizen and a Ukrainian man, for involvement in cyber schemes benefitting North Korea’s nuclear weapons program. Two were arrested and face charges related to fraud, identity theft, and money laundering. The scheme compromised over 60 U.S. identities and generated at …

Nissan North America data breach impacts over 53,000 employees

May 15, 2024 at 03:37PM Nissan North America experienced a data breach in November 2023. A threat actor targeted the external VPN, accessing personal data of over 53,000 employees, including Social Security numbers. Nissan promptly notified law enforcement, contained the incident, and offered affected individuals 24-month credit monitoring and identity theft protection. This is among …

Massive webshop fraud ring steals credit cards from 850,000 people

May 8, 2024 at 10:53AM A massive network of 75,000 fake online shops named ‘BogusBazaar’ based in the US and Europe scammed over 850,000 victims, aiming to process $50 million in fake orders. Stolen credit card details were also sold on dark web markets. The operation, with a Chinese base, features decentralized operations and malicious …

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

May 3, 2024 at 12:22PM CISA reports an active attack targeting GitLab’s CVE-2023-7028 vulnerability, enabling bad actors to reset account passwords and take control. The severity of the bug necessitates prompt action and patching. Security experts emphasize the importance of multifactor authentication, zero-trust architecture, and privileged access management to counter the exploit and safeguard against …