Snowflake Breach Exposes 165 Customers’ Data in Ongoing Extortion Campaign

June 11, 2024 at 03:21AM
As many as 165 Snowflake customers had their data potentially exposed in a data theft and extortion campaign identified by Mandiant as UNC5537. The group is believed to operate under various aliases, targeting organizations worldwide and collaborating with a party based in Turkey. Snowflake is taking measures to enhance …

Frontier Communications: 750k people’s data stolen in April attack on systems

June 7, 2024 at 02:14PM
Frontier Communications confirmed a cyberattack impacting 751,895 individuals, with stolen data limited to names and social security numbers. The company engaged cybersecurity experts, strengthened network security, and notified relevant authorities. Although claims of data theft affecting over 2 million people were made, the involvement of ransomware was not acknowledged by …

Hackers Target Python Developers with Fake “Crytic-Compilers” Package on PyPI

June 6, 2024 at 02:24AM
A malicious Python package called crytic-compilers was discovered on the Python Package Index, posing as a legitimate library named crytic-compile. It was designed to deliver an information stealer called Lumma. Additionally, more than 300 WordPress sites have been compromised with malicious Google Chrome update pop-ups, leading to the deployment of …

RansomHub extortion gang linked to now-defunct Knight ransomware

June 5, 2024 at 08:43AM
RansomHub is a new Ransomware-as-a-Service believed to have evolved from the defunct Knight ransomware project. It operates as a data theft and extortion group, recently targeting United Health subsidiary Change Healthcare and international auction house Christie’s. Symantec analysts found commonalities with Knight, indicating a likely derived lineage, though operated by …

361 million stolen accounts leaked on Telegram added to HIBP

June 3, 2024 at 03:50PM
The Have I Been Pwned service added a trove of 361 million stolen credentials obtained from cybersecurity researchers who collected them from Telegram cybercrime channels. The stolen data includes username and password combinations, along with raw cookies, and was shared for free on Telegram. The credentials have affected numerous websites, and …

New Nork-ish cyberespionage outfit uncovered after three years

May 31, 2024 at 11:33AM
Researchers uncovered a new cybercrime group, LilacSquid, exhibiting espionage-focused behavior akin to other North Korean state-sponsored groups. LilacSquid has targeted organizations in the US, Europe, and Asia, successfully breaching software, oil and gas, and pharmaceutical companies. The group deploys customized malware, including the heavily obfuscated PurpleInk, to evade detection. From …

Russian indicted for selling access to US corporate networks

May 28, 2024 at 02:39PM
Evgeniy Doroshenko, a Russian national, has been indicted in the U.S. for wire and computer fraud. He allegedly acted as an “initial access broker,” gaining unauthorized entry to corporate networks and selling access on Russian-language cybercrime forums. The charges carry a maximum of 20 years imprisonment and a $250,000 fine …

Casino cyberattacks put a bullseye on Scattered Spider – and the FBI is closing in

May 23, 2024 at 04:25PM
Carmakal, CTO of Mandiant Consulting, highlighted the escalating threat posed by cybercriminal group Scattered Spider, implicated in high-profile casino attacks. The group’s shift to ransomware and data theft has drawn law enforcement’s focus, with arrests expected soon. Carmakal discussed the group’s unique tactics and the lasting impact on cybercrime. (50 …

Dangerous Google Chrome Zero-Day Allows Sandbox Escape

May 14, 2024 at 12:39PM
Google has released an emergency security update for Chrome to address a zero-day vulnerability with potential for data theft, malware implantation, and more. This is the second zero-day patched within a week and the sixth this year. The update includes a patch for a high-severity out-of-bounds write in the V8 …

Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing

May 10, 2024 at 07:00AM
Malicious Android apps posing as popular services like Google, Instagram, and WhatsApp are stealing user credentials. These apps gain control over devices, allowing for unauthorized actions like data theft and malware deployment. Social engineering campaigns and phishing URLs are also being used to propagate Android malware, leading to increased attacks …