January 9, 2024 at 10:41AM Attackers are distributing Lumma Stealer through YouTube channels featuring cracked application tutorials, using open source platforms to bypass web filters. The malware targets sensitive user information and is spread through malicious URLs in YouTube descriptions. Fortinet researchers outlined the attack process and advised caution regarding application downloads to avoid malware … Read more
January 8, 2024 at 01:29PM Threat actors are targeting medical institutions through “swatting,” a form of pressure tactic involving fake bomb threats to force hospitals to pay ransom demands. Intrusions at Fred Hutchinson Cancer Center and Integris Health illustrate the escalation in cyber-extortion tactics. It remains to be seen whether these measures will yield ransom … Read more
January 5, 2024 at 05:23PM Summary: – BleepingComputer tested a new decryptor for Black Basta ransomware. – Xerox Business Solutions suffered a cyberattack, possibly exposing personal information. – Australia’s Court Services Victoria suffered a ransomware attack, potentially exposing sensitive recordings. – The Zeppelin2 ransomware source code and builder were sold on a hacking forum. – … Read more
January 5, 2024 at 04:53PM The source code and builder for the Zeppelin ransomware strain, previously considered defunct, were sold for $500 on a Russian cybercrime forum, prompting concerns about its potential revival. The buyer’s intent to reuse the code in a similar manner to previous cases is uncertain. The sale’s motive remains unclear, as … Read more
January 5, 2024 at 12:24PM CertiK’s Twitter/X account was hijacked, redirecting 343,000 followers to a malicious website promoting a cryptocurrency wallet drainer. An investigation is underway following a social engineering attack, with rogue posts warning of vulnerabilities and leading to phishing and scams. Other high-profile accounts have faced similar breaches, underscoring the threat of cryptocurrency-related … Read more
January 4, 2024 at 02:39PM Russian hackers targeted Ukraine’s largest telecom provider, Kyivstar, in December 2023. They wiped thousands of servers and computers, causing a massive internet outage for its 25 million subscribers. Ukrainian authorities suspect the involvement of the Russian military-linked group, Solntsepek, known for attacking Ukrainian telecom targets since May 2023. Military communications … Read more
January 4, 2024 at 06:24AM Three new malicious packages discovered in the Python Package Index (PyPI) repository can deploy a cryptocurrency miner on affected Linux devices. The packages, modularseven, driftme, and catme, attracted 431 downloads before being removed. They conceal their payload, deploy a CoinMiner executable, and persistently exploit devices, evading detection and security software. … Read more
December 29, 2023 at 11:16AM Multiple malware families are exploiting an undocumented Google OAuth endpoint called “MultiLogin” to revive expired authentication cookies and infiltrate users’ accounts. This technique allows cybercriminals to gain unauthorized access to Google accounts, even after password resets or logouts. Despite being notified, Google has not responded to inquiries about this issue. … Read more
December 19, 2023 at 03:47PM Millions of Comcast Xfinity customers’ personal data was likely stolen by exploiting Citrix Bleed in October. The breach was discovered during a cybersecurity exercise on October 25, and 35.9 million people were affected. Stolen data includes usernames, hashed passwords, contact details, and secret security question-answers. Xfinity is urging customers to … Read more
December 15, 2023 at 08:18AM Ledger, a crypto hardware wallet maker, faced a security breach after former employee fell victim to a phishing attack, leading to theft of $600,000 in virtual assets. Malicious code from the compromised npm account was used to propagate crypto drainer malware to other applications. Ledger has since removed the malicious … Read more