Ticketmaster sends notifications about recent massive data breach

June 28, 2024 at 12:52PM Ticketmaster has informed customers about a data breach involving the theft of personal data from their Snowflake database. The breach occurred between April and May, affecting millions of customers worldwide. The stolen data includes names, contact information, credit card details, and more. Ticketmaster is offering free identity monitoring and warns …

Chinese Cyberspies Employ Ransomware in Attacks for Diversion

June 27, 2024 at 12:24AM Cyberespionage group ChamelGang uses CatB ransomware to target high-profile organizations globally, posing challenges for attribution. Their sophisticated attacks focus on government and critical infrastructure entities, employing ransom notes and bitcoin payments. Additionally, they leverage BestCrypt and BitLocker in separate activities, impacting organizations mainly in North America, South America, and Europe. …

‘ChamelGang’ APT Disguises Espionage Activities With Ransomware

June 26, 2024 at 06:10AM A China-backed APT group, ChamelGang, has been using ransomware to hide its cyberespionage operations for three years. Recently targeting critical infrastructure in East Asia and India, the group’s tactic aims to provide deniability and cover tracks while exfiltrating data. ChamelGang’s focus on data theft and cyberespionage is attributed to geopolitical …

New Cyberthreat ‘Boolka’ Deploying BMANAGER Trojan via SQLi Attacks

June 25, 2024 at 07:51AM A new threat actor named Boolka has been targeting websites with malicious scripts to distribute a trojan called BMANAGER. Using SQL injection attacks since 2022, Boolka infects sites with JavaScript capable of capturing user data. The trojan deploys multiple modules to steal sensitive information and establishes persistence on the host. …

Four FIN9 hackers indicted for cyberattacks causing $71M in losses

June 24, 2024 at 01:38PM Four Vietnamese nationals linked to the cybercrime group FIN9 have been indicted for causing over $71 million in losses to U.S. companies. The defendants carried out cybercrimes from May 2018 to October 2021, using phishing campaigns and supply chain attacks to steal data and funds. They face multiple charges, with …

Cops cuff 22-year-old Brit suspected of being Scattered Spider leader

June 17, 2024 at 09:03AM Spanish police arrested the alleged leader of cybercrime gang Scattered Spider before he could board a flight to Naples. The suspect, a 22-year-old British national, is linked to attacks on 45 US companies and has amassed a fortune through cybercrime. The group is known for SIM-swapping and ransomware attacks and continues …

Notorious cyber gang UNC3944 attacks vSphere and Azure to run VMs inside victims’ infrastructure

June 17, 2024 at 02:42AM The notorious cyber gang UNC3944, implicated in recent attacks on Snowflake and MGM Entertainment, is now targeting SaaS applications. They have shifted to primarily focusing on data theft extortion without using ransomware and employ social engineering tactics to compromise high-privilege accounts. UNC3944 has expanded its targets to include various SaaS …

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

June 16, 2024 at 12:54AM Law enforcement authorities have arrested a 22-year-old man, believed to be a key member of the cybercrime group “Scattered Spider.” The arrest, in Palma de Mallorca, was a joint effort between the FBI and the Spanish Police. The individual is associated with high-profile ransomware attacks and SIM-swapping activities. This is …

Scattered Spider hackers switch focus to cloud apps for data theft

June 14, 2024 at 11:06AM The Scattered Spider gang, also known as Octo Tempest, engages in social engineering attacks to steal data from SaaS apps. They use SMS phishing and SIM swapping for on-premise access. Their tactics have expanded to cloud infrastructure without the use of ransomware. They create new virtual machines, disable security protections, and exfiltrate data to cloud …

Microsoft delays Windows Recall amid privacy and security concerns

June 13, 2024 at 10:14PM Microsoft is delaying the AI-powered Windows Recall feature, initially set for a public preview on Copilot+ PCs, for further testing and security work. Amid concerns over privacy and security, it will now first be available for preview with Windows Insiders. This follows criticism and efforts to enhance security, including making the feature …