October 24, 2023 at 03:55PM Russian state and industrial organizations have been targeted in a cyber attack using a custom Go-based backdoor. Kaspersky detected the campaign in June 2023 and later found a newer version of the backdoor, indicating ongoing optimization by the attackers. The threat actors behind the attack are unknown, but Kaspersky has … Read more
October 23, 2023 at 12:42PM US energy services firm BHI Energy disclosed how the Akira ransomware gang breached their network and stole data in a recent attack. The attackers used stolen VPN credentials from a third-party contractor to gain access. They stole 767k files, including personal information such as full names, dates of birth, social … Read more
October 23, 2023 at 11:07AM The Spanish National Police dismantled a cybercriminal organization involved in various computer scams, stealing and selling the data of over four million people. Law enforcement conducted raids in multiple cities, resulting in the arrest of 34 individuals. The group used phishing techniques, made distress calls, and exploited insider positions to … Read more
October 16, 2023 at 05:37PM Discord is increasingly being used by hackers and advanced persistent threat (APT) groups to distribute malware, steal data, and target critical infrastructure. Trellix’s report highlights how Discord’s content delivery network (CDN) is utilized for delivering malicious payloads, while webhooks are abused for data theft. The report also notes that APT … Read more
October 16, 2023 at 04:37AM Discord’s content delivery network (CDN) is being exploited by threat actors to distribute the Lumma Stealer malware, which steals user credentials. The malware is spread through direct messages, offering victims Discord Nitro boost in exchange for assistance and prompting them to download a file. Lumma Stealer can steal cryptocurrency wallets … Read more
October 13, 2023 at 03:05PM French cloud service Shadow has confirmed that criminals stole a database containing customer data in a social-engineering attack against one of its employees. The stolen data includes personal information such as names, email addresses, dates of birth, billing addresses, and credit card expiration dates. The company reassured customers that no … Read more