Okta: Credential-Stuffing Attacks Spike via Proxy Networks

April 29, 2024 at 04:46PM Credential-stuffing attacks on online services are rising, prompting Okta to advise its users. Okta’s researchers noticed a surge in attacks on Okta accounts from April 19 to 26. The attacks use anonymizing services like Tor and residential proxies such as NSOCKS, Luminati, and DataImpulse. Okta introduced a feature to block such …

Russian APT Group Thwarted in Attack on US Automotive Manufacturer

April 18, 2024 at 04:04PM The FIN7 threat group recently conducted a spear-phishing attack on a major US-based automotive manufacturer, using a malicious URL to install the Anunak backdoor and gain initial access to high-level IT employee accounts. BlackBerry’s threat and research team halted the attack before ransomware deployment. FIN7 has expanded its targets beyond …

When AI attacks

April 4, 2024 at 05:01AM The UK National Cyber Security Centre warns that the use of artificial intelligence (AI) in cybercrime will increase the volume and impact of attacks. Cybersecurity firm Sophos also highlights the potential for AI to enable large-scale scam campaigns, demonstrating how AI can be used to create convincing content to lure …

US moves to recover $2.3 million from “pig butchers” on Binance

March 15, 2024 at 02:08PM The U.S. Department of Justice has recovered $2.3 million in cryptocurrency related to a pig butchering fraud scheme. The scam involved deceiving victims into depositing cryptocurrency into fake investment sites, resulting in significant financial losses. The DOJ traced the recovered funds to 36 victims across the country. The FBI warned …

Cyberattack Targets Regulator Database in South Africa

March 12, 2024 at 04:03PM Sensitive data on businesses and individuals in South Africa is at risk following a recent cyberattack on the Companies and Intellectual Property Commission (CIPC) agency. Little specific information has been shared about the exposed data, raising concerns among security experts about the potential consequences and urging proactive communication with affected …

Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures

February 13, 2024 at 02:15AM Threat actors are exploiting a security flaw in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor called DSLog. The flaw (CVE-2024-21893) allows access to restricted resources without authentication. Orange Cyberdefense observed attacks targeting an unnamed customer and recommends factory resetting Ivanti devices to prevent continued exploitation. …

Ongoing Microsoft Azure account hijacking campaign targets executives

February 12, 2024 at 02:17PM A recent phishing campaign targeting Microsoft Azure has compromised hundreds of user accounts, including those of senior executives. The hackers aim to access confidential information and launch more attacks within the breached organization. Proofpoint has issued an alert with details of the attacks and defense measures, including monitoring user-agent strings …

Ransomware payment rates drop to new low – only 29% of victims are forking over cash

January 31, 2024 at 02:20PM Ransomware payments dropped to 29% in Q4 2023, down from 85% in 2019. Coveware attributes the decline to increased awareness and reluctance to trust data kidnappers due to high-profile incidents where payments led to nothing. A payment ban is discouraged, with reporting requirements and changing victim incentives seen as more …

Canadian Man Sentenced to Prison for Ransomware Attacks

January 29, 2024 at 11:12AM Canadian cybercriminal Matthew Philbert, 33, was sentenced to two years in prison for ransomware and cyberattacks against Canadian businesses, government entities, and individuals. He launched attacks on over 1,000 entities, using phishing emails and receiving Bitcoin payments. Philbert’s actions could have impacted medical services and he provided stolen credentials to …

Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months

January 26, 2024 at 11:03AM 23andMe admitted to failing to detect malicious activity for 5 months while attackers exploited user accounts using credential stuffing techniques. The breach exposed data from 6.9 million individuals with DNA Relatives enabled. The company started mandating two-factor authentication only after the breach, and blamed users’ negligence for the incident. The …