Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms

May 17, 2024 at 05:54AM The US government has charged, seized funds, and made arrests in an effort to disrupt a North Korean scheme involving IT workers infiltrating companies. The workers stole identities to secure jobs and diverted their earnings to fund North Korea’s nuclear program. Two individuals have been arrested, with rewards offered for …

Five charged for cyber schemes to benefit North Korea’s weapons program

May 16, 2024 at 03:24PM The U.S. Justice Department charged five individuals, including a U.S. citizen and a Ukrainian man, for involvement in cyber schemes benefitting North Korea’s nuclear weapons program. Two were arrested and face charges related to fraud, identity theft, and money laundering. The scheme compromised over 60 U.S. identities and generated at …

Nissan North America data breach impacts over 53,000 employees

May 15, 2024 at 03:37PM Nissan North America experienced a data breach in November 2023. A threat actor targeted the external VPN, accessing personal data of over 53,000 employees, including Social Security numbers. Nissan promptly notified law enforcement, contained the incident, and offered affected individuals 24-month credit monitoring and identity theft protection. This is among …

Massive webshop fraud ring steals credit cards from 850,000 people

May 8, 2024 at 10:53AM A massive network of 75,000 fake online shops named ‘BogusBazaar’ based in the US and Europe scammed over 850,000 victims, aiming to process $50 million in fake orders. Stolen credit card details were also sold on dark web markets. The operation, with a Chinese base, features decentralized operations and malicious …

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

May 3, 2024 at 12:22PM CISA reports an active attack targeting GitLab’s CVE-2023-7028 vulnerability, enabling bad actors to reset account passwords and take control. The severity of the bug necessitates prompt action and patching. Security experts emphasize the importance of multifactor authentication, zero-trust architecture, and privileged access management to counter the exploit and safeguard against …

Fake job interviews target developers with new Python backdoor

April 26, 2024 at 10:23AM A campaign named “Dev Popper” is targeting developers with fake job interviews to trick them into downloading and running a Python remote access trojan (RAT), enabling the threat actors to gather system information and gain remote access. Analysts suspect North Korean involvement based on observed tactics. Similar tactics have been …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 06:34PM Microsoft warned that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability using a new hacking tool called GooseEgg. APT28 has used GooseEgg since June 2020, potentially earlier, to launch malicious payloads, escalate privileges, and attack government and non-governmental organizations. APT28 has a history of high-profile cyber attacks. …

Frameworks, Guidelines & Bounties Alone Won’t Defeat Ransomware

April 9, 2024 at 10:09AM The US government is offering bounties for information on ransomware gangs, but challenges remain in collecting information due to rigorous conditions and low payouts. Concerns are raised about the effectiveness of a criminal law enforcement approach in addressing ransomware attacks, compounded by the potential involvement of adversarial nations like Russia. …

Fake Facebook MidJourney AI page promoted malware to 1.2 million people

April 5, 2024 at 12:50PM Hackers are using hijacked Facebook pages and advertisements to promote fake AI services, infecting users with password-stealing malware. The malvertising campaigns trick users into fraudulent Facebook communities, then entice them to download malicious executables. The stolen data is sold on the dark web or used for further scams. These sophisticated …

Apple fans flooded with phony password reset requests

March 27, 2024 at 06:17PM A targeted multi-factor authentication bombing campaign is hitting Apple device owners, bombarding them with password reset requests. It aims to exhaust users into accidentally allowing a password reset and includes sophisticated tactics such as spoofed support calls. Users are advised to be cautious and vigilant in responding to unexpected alerts …