ShinyHunters member gets 3 years in prison for breaching 60 firms

January 10, 2024 at 09:51AM Sebastien Raoult, a member of the ShinyHunters hacking group, was sentenced to 3 years in prison in the U.S. for conspiracy to commit wire fraud and identity theft, with a $5,000,000 restitution order. His activities caused financial damages exceeding $6 million by stealing personal information and selling it on the …

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

January 3, 2024 at 08:36AM Malware is using an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions, allowing continuous access to Google services even after a password reset. Threat actor PRISMA first revealed the technique, which has been incorporated into various malware-as-a-service (MaaS) stealer families. Google acknowledges the attack and advises users to log …

23andMe responds to breach with new suit-limiting user terms

December 11, 2023 at 06:53AM 23andMe’s data breach revealed that 5.5 million sets of “DNA relatives” profiles were stolen, along with 1.4 million sets of Family Tree data. Additionally, hundreds of laptops stolen from a Bay Area tech company were recovered, and Henry Schein employees’ personal data was stolen in a ransomware attack. These incidents …

New AeroBlade hackers target aerospace sector in the U.S.

December 4, 2023 at 10:01AM BlackBerry uncovered ‘AeroBlade’, a new hacking group targeting the U.S. aerospace sector. Using spear-phishing attacks, AeroBlade deployed reverse-shell payloads for data theft, focusing on cyber espionage. The threat evolved from testing in 2022 to sophisticated attacks in 2023, with unknown origins and objectives speculated to be selling or leveraging stolen …

Okta Broadens Scope of Data Breach: All Customer Support Users Affected

November 29, 2023 at 10:54AM Hackers accessed Okta’s support system and obtained names and email addresses of all customer support users, broadening the scope of the October breach. Initially thought to affect only 134 customers, the intrusion actually compromised data from all Okta WIC and CIS customers, except those in high-security government environments. No sensitive …

Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk

November 28, 2023 at 10:12AM Google is disputing a security vendor’s report on a design weakness in Google Workspace that allegedly exposes users to data theft and other security issues. According to Hunters Security, a flaw in Google Workspace’s domain-wide delegation feature allows attackers to steal email, exfiltrate data, and perform unauthorized actions. Google denies …

Leveraging Wazuh to combat insider threats

November 27, 2023 at 10:04AM Insider threats refer to the risk of authorized individuals with access to an organization’s systems or sensitive information exploiting that access in malicious ways, such as data theft, sabotage, unauthorized access, or introducing malware. Detecting and preventing such threats can be challenging because perpetrators often have legitimate credentials. Effective strategies …

North Korean Software Supply Chain Attack Hits North America, Asia 

November 24, 2023 at 07:36AM A Taiwanese software company was breached by a North Korean threat group known as Diamond Sleet. The hackers manipulated a legitimate application installer to download and execute a malicious payload. Microsoft has detected their activity and provided indicators of compromise for detection. The threat actor is known for data theft …

Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

November 20, 2023 at 02:00AM Appin Software Security, an Indian hack-for-hire group, has been conducting espionage, surveillance, and disruptive operations targeting various countries for over a decade. The group, initially an educational startup, has been involved in covert hacking operations since at least 2009. They have targeted high-value individuals, governmental organizations, and businesses involved in …

The Week in Ransomware – November 17th 2023 – Citrix in the Crosshairs

November 17, 2023 at 06:29PM Ransomware gangs are targeting vulnerable Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966). Many recent victims, including Toyota Financial Services, ICBC, DP World, Allen & Overy, and Boeing, were found to have …