July 31, 2024 at 06:09AM A new malicious campaign has utilized over 107,000 unique samples of Android apps to steal SMS messages and intercept one-time passwords (OTPs). This large-scale operation has targeted users in 113 countries, with India and Russia topping the list. Malware remains hidden, continuously monitoring new incoming messages to obtain OTPs for … Read more
April 2, 2024 at 02:40PM A misconfigured MediaWiki web server led to a data breach at the Open Web Application Security Project (OWASP) Foundation. Resumes of members from 2006 to around 2014, consisting of personal details, were accessed. OWASP is advising caution as the breached data could be used for identity fraud and phishing attempts. … Read more
February 13, 2024 at 12:31AM Infosys’s US subsidiary, IMS, suffered a cyber security incident, resulting in a data breach. Personal data of 57,028 people, including Social Security Numbers, was exposed. The breached information includes names, addresses, birth dates, and other sensitive account details, potentially putting victims at risk of identity fraud. The alleged involvement of … Read more
January 31, 2024 at 07:42AM Two individuals, Nathan Austad and Kamerin Stokes, have been indicted for their involvement in a cyberattack on a fantasy sports and betting website. They accessed and compromised approximately 60,000 user accounts through credential stuffing, stealing around $600,000 in total. They face up to 20 years in prison if found guilty. … Read more
October 26, 2023 at 11:32PM Verification platform Sumsub has released its “State of Verification and Monitoring in the Crypto Industry 2023” report, highlighting the regulations and practices surrounding crypto company verification. The report reveals increasing fraud patterns and deepfake usage, with 77% of companies experiencing new attack methods. It also identifies a shift towards non-document … Read more