MacOS Malware Targets Bitcoin, Exodus Cryptowallets

January 23, 2024 at 04:11PM Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications through pirated software. Kaspersky researchers state that the malware can replace these applications with infected versions to steal recovery phrases and passwords, allowing attackers to control victims’ digital wallets. They advise against downloading …

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

January 19, 2024 at 07:54PM Russian government-backed hackers infiltrated Microsoft’s network, accessing senior executives’ emails and attachments in cybersecurity and legal departments. Microsoft’s security team detected the attack in January 2024, tracing it back to November 2023. The intrusion did not exploit vulnerabilities in Microsoft’s products or access customer environments. The company will notify customers …

Bangladeshi Elections Come into DDoS Crosshairs

January 18, 2024 at 12:19PM In late 2023, Bangladesh experienced a surge in distributed denial-of-service (DDoS) attacks, particularly targeted towards key industries and the national election. The attacks were aimed at disrupting communication channels and information flow, possibly to manipulate voter communication and compromise the credibility of the electoral process. The Smart Election app, used …

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

January 17, 2024 at 01:30PM Microsoft has uncovered a sophisticated spear-phishing campaign by the ‘Mint Sandstorm’ hackers, associated with Iran’s military intelligence. The attacks target high-profile individuals in Middle Eastern affairs, using impersonation of journalists and benign emails to build trust before delivering malicious content. The hackers utilize compromised accounts to send phishing lures and …

178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks

January 16, 2024 at 11:51AM Two unauthenticated denial-of-service (DoS) vulnerabilities, CVE-2022-22274 and CVE-2023-0656, threaten the security of SonicWall next-generation firewall devices. Attackers can exploit these flaws to crash devices or execute remote code. Vulnerable SonicWall series 6 and 7 firewalls are at risk. Administrators are urged to update to the latest firmware to mitigate potential …

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

January 15, 2024 at 11:44AM Thousands of WordPress sites are affected by the Balada Injector malware, exploiting a vulnerability in the Popup Builder plugin. The campaign, active since 2017, aims to redirect visitors to fraudulent pages and push notification scams. The attackers establish persistent control by adding backdoors and malicious plugins. The issue was addressed …

The Week in Ransomware – January 12th 2024 – Targeting homeowners’ data

January 12, 2024 at 05:13PM Ransomware gangs are targeting mortgage lenders, with recent attacks on loanDepot, Mr. Cooper, and title insurance companies. The Toronto Zoo and Tigo Business were also hit. In a positive turn, a Dutch police operation led to the arrest of a ransomware operator. The week also saw the discovery of new …

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

January 12, 2024 at 09:18AM The emergence of Medusa ransomware, notorious for targeting various industries, has led to increased activity, including the launch of a data leak site. Victims are given options such as time extension or data deletion, each with a price tag. With a focus on multi-extortion and professional tactics, this highlights the …

Halara probes breach after hacker leaks data for 950,000 people

January 11, 2024 at 03:28PM Popular athleisure clothing brand Halara is investigating a data breach after the alleged leak of almost 950,000 customers’ data on a hacking forum. The Hong Kong-based company, known for its TikTok promotions, is working to address the situation. The leaked data is said to contain personal information, prompting concerns about …

Finland warns of Akira ransomware wiping NAS and tape backup devices

January 11, 2024 at 10:16AM NCSC-FI warns of increased Akira ransomware attacks in December, targeting Finnish companies and wiping backups. The attacks exploited a vulnerability in Cisco VPNs, allowing unauthorized access to networks. The agency advises switching to offline backups and updating Cisco ASA and FTD to prevent further attacks. They emphasize the need for …