Europe’s largest caravan club admits wide array of personal data potentially accessed

February 12, 2024 at 07:53AM The Caravan and Motorhome Club (CAMC) is still uncertain about whether members’ data was stolen in a January cyberattack. Forensic investigation has not confirmed data access, but potentially compromised information includes names, addresses, policy details, and personal claims data. CAMC aims to directly notify affected members and advises precautionary measures …

Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps

February 12, 2024 at 05:05AM An ongoing campaign targeting Microsoft Azure corporate clouds has compromised dozens of environments and hundreds of user accounts. The attacks involve data exfiltration, financial fraud, and impersonation across various industries and geographic regions. The threat actors show sophistication and adaptability, using tailor-made phishing and diverse toolkits. To defend against this, …

Android XLoader malware can now auto-execute after installation

February 8, 2024 at 01:40PM A new version of the XLoader Android malware automatically executes on infected devices without user interaction. Operated by financially motivated threat actor ‘Roaming Mantis,’ it primarily targets users in several countries. Recent variants demonstrate the ability to launch stealthily, extracting sensitive user information and performing custom phishing attacks. McAfee advises …

South African Railways Lost Over $1M in Phishing Scam

February 2, 2024 at 11:20AM South Africa’s PRASA railway agency reported a loss of 30.6 million rand due to a phishing scam but has recovered over half the stolen amount. The incident, under police investigation, involves possible insider threats. South African firms face a rising trend of email interception fraud and digital banking fraud. Organizations …

loanDepot cyberattack causes data breach for 16.6 million people

January 23, 2024 at 12:12PM Approximately 16.6 million people had their personal information stolen in a ransomware attack on mortgage lender loanDepot. The attack forced the company to shut down systems and caused delays in payment history. The company has confirmed it will notify individuals impacted and provide free credit monitoring. This is loanDepot’s second …

Microsoft Falls Victim to Russia-Backed ‘Midnight Blizzard’ Cyberattack

January 22, 2024 at 05:05PM Microsoft’s corporate systems fell victim to a cyberattack by the Russian nation-state actor behind the 2020 SolarWinds Orion software breach. The intrusion, discovered on Jan. 12, breached a small percentage of corporate email accounts, including those of senior leadership, cybersecurity, and legal teams. Microsoft pledged to enhance cybersecurity measures and …

Weaponized AWS SES Accounts Anchor Massive Stealth Attack

January 18, 2024 at 01:02PM Two cybercriminal groups used a French transportation company’s AWS accounts to send phishing emails, exploiting Amazon Web Services’ Simple Email Service (SES). The attackers bypassed spam filters and took advantage of SES’ features to send high volumes of emails. Cloud email attacks pose challenges in prevention and detection, with potential …

Google: Russian FSB hackers deploy new Spica backdoor malware

January 18, 2024 at 11:03AM Google’s Threat Analysis Group (TAG) has uncovered a Russian-backed hacking group, ColdRiver, spreading previously unknown backdoor malware through fake PDF decryption tools. The malware, named Spica, allows attackers to establish control over compromised devices and steal sensitive information. Google has taken action to protect users and has linked ColdRiver to …

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

January 18, 2024 at 09:12AM Google has warned about the Russian threat group ColdRiver known for phishing attacks and developing custom malware. Tracked as Star Blizzard, Callisto Group, and others, the group is linked to Russia’s FSB. US and UK governments have issued warnings and sanctions. Google discovered the Spica backdoor malware used for cyberespionage …

Microsoft: Iranian hackers target researchers with new MediaPl malware

January 17, 2024 at 03:39PM Microsoft warns that an Iranian hacker group, linked to the IRGC, is targeting high-profile individuals in research organizations and universities in Europe and the US using spearphishing attacks. The attackers use custom-tailored phishing emails and new backdoor malware called MediaPl to steal sensitive data and gather intelligence aligning with Iranian …