Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

November 9, 2023 at 09:33AM Threat actors are exploiting a zero-day vulnerability in SysAid software to gain unauthorized access to corporate servers for data theft and ransomware deployment. The vulnerability, currently known as CVE-2023-47246, was used by a threat actor group called Lace Tempest to deploy Clop ransomware. SysAid has developed a patch and urges …

FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups 

November 8, 2023 at 06:39AM The FBI has warned about ransomware operators using third-party vendors and services to gain initial access to victim environments. Threat actors exploit vulnerabilities in vendor-controlled remote access and legitimate system management tools to elevate permissions in victim networks. The FBI urges organizations to take measures such as creating backups, reviewing …

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

November 4, 2023 at 12:30PM Okta attributes the recent hack of its support system to an employee who logged into a personal Google account on a company-managed laptop. The breach resulted in the theft of data from multiple Okta customers. The employee’s personal Google account credentials, including session tokens, were compromised, allowing the threat actor …

Finance orgs have 30 days to confess cyber sins under incoming FTC rules

October 31, 2023 at 12:22PM New US law enforcement regulations allow for the delay of public disclosure of security breaches if a written request for an extension is granted. The amendment applies to breaches involving the theft of unencrypted data belonging to at least 500 consumers. The FTC estimates that the amendment will affect approximately …

Side channel attacks take bite out of Apple silicon with iLeakage exploit

October 26, 2023 at 01:47PM University researchers have developed a new exploit called iLeakage that can steal information from Apple Macs, iPhones, and iPads. The exploit targets Apple’s Safari browser and can steal secrets such as Gmail inbox data, text messages, and watch histories from YouTube. It can be launched against devices running Apple’s A-series …

YoroTrooper: Researchers Warn of Kazakhstan’s Stealthy Cyber Espionage Group

October 26, 2023 at 04:48AM A new threat actor called YoroTrooper, likely consisting of operators from Kazakhstan, has been identified. The group employs various tactics to hide their activities, including targeting Kazakhstani entities and using VPN exit nodes in Azerbaijan. YoroTrooper primarily uses spear-phishing and malware to steal data, and has now shifted to custom …

Hackers backdoor Russian state, industrial orgs for data theft

October 24, 2023 at 03:55PM Russian state and industrial organizations have been targeted in a cyber attack using a custom Go-based backdoor. Kaspersky detected the campaign in June 2023 and later found a newer version of the backdoor, indicating ongoing optimization by the attackers. The threat actors behind the attack are unknown, but Kaspersky has …

US energy firm shares how Akira ransomware hacked its systems

October 23, 2023 at 12:42PM US energy services firm BHI Energy disclosed how the Akira ransomware gang breached their network and stole data in a recent attack. The attackers used stolen VPN credentials from a third-party contractor to gain access. They stole 767k files, including personal information such as full names, dates of birth, social …

Spain arrests 34 cybercriminals who stole data of 4 million people

October 23, 2023 at 11:07AM The Spanish National Police dismantled a cybercriminal organization involved in various computer scams, stealing and selling the data of over four million people. Law enforcement conducted raids in multiple cities, resulting in the arrest of 34 individuals. The group used phishing techniques, made distress calls, and exploited insider positions to …

Discord still a hotbed of malware activity — Now APTs join the fun

October 16, 2023 at 05:37PM Discord is increasingly being used by hackers and advanced persistent threat (APT) groups to distribute malware, steal data, and target critical infrastructure. Trellix’s report highlights how Discord’s content delivery network (CDN) is utilized for delivering malicious payloads, while webhooks are abused for data theft. The report also notes that APT …