Botnet sent millions of emails in LockBit Black ransomware campaign

May 13, 2024 at 03:22PM

A new large-scale LockBit Black ransomware campaign has been sending millions of phishing emails since April, utilizing the Phorpiex botnet. The campaign uses ZIP attachments containing an executable deploying the LockBit Black payload to encrypt systems. The phishing emails originate from various aliases and are sent from over 1,500 unique …

Botnet sent millions of emails with LockBit Black ransomware payloads

May 13, 2024 at 03:14PM

A new large-scale LockBit Black ransomware campaign has been sending millions of phishing emails through the Phorpiex botnet since April. The attackers use ZIP attachments containing an executable that deploys the LockBit Black payload, encrypting the recipients’ systems if launched. The emails are being sent from over 1,500 unique IP …

Monday.com removes “Share Update” feature abused for phishing attacks

May 9, 2024 at 06:18PM

Monday.com, a widely used project management platform, has removed its “Share Update” feature due to abuse by threat actors in phishing attacks. Customers received phishing emails purportedly from Monday.com’s email accounts, prompting concerns of a security breach. The company confirmed that the feature was misused, leading to its suspension, and …

FBI warns of gift card fraud ring targeting retail companies

May 8, 2024 at 01:31PM

The FBI warns of Storm-0539, a hacking group targeting retail employees’ personal and work devices with phishing attacks. Once infiltrated, the attackers move laterally through the network to compromise gift card business processes and generate fraudulent gift cards. To defend against these attacks, the FBI advises corporations to review incident …

Iranian hackers pose as journalists to push backdoor malware

May 4, 2024 at 12:19PM

APT42, an Iranian state-backed threat actor, is using social engineering, specifically posing as journalists, to breach Western and Middle Eastern corporate networks and cloud environments. The group, affiliated with Iran’s IRGC-IO, targets NGOs, media outlets, and more. They employ custom backdoors “Nicecurl” and “Tamecat” to gain access and exfiltrate data. …

DPRK’s Kimsuky APT Abuses Weak DMARC Policies, Feds Warn

May 2, 2024 at 05:06PM

North Korean hackers use weak DMARC configurations to impersonate organizations in phishing attacks against individuals targeted by the Kim Jong Un regime. The FBI and NSA warn that APT Kimsuky is exploiting this vulnerability, posing significant risks. Proper DMARC, SPF, and DKIM configuration is crucial for preventing such cyber threats. Based …

Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

April 23, 2024 at 03:52PM

Hackers are exploiting unpublished GitHub and GitLab comments to create convincing phishing links from legitimate open source software projects. They secretly add malware to a repository and obtain a shareable link, even if the comment is deleted. This flaw affects millions of users and can damage the credibility of the …

FBI: Smishing Campaign Lures Victims With Unpaid-Toll Notices

April 16, 2024 at 01:58PM

The FBI has issued a warning about a widespread smishing campaign targeting people with messages claiming they have unpaid tolls to resolve, aiming to steal credentials and defraud them. The campaign, affecting at least 3 US states and over 2,000 people, prompts users to click a link and enter sensitive …

TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

April 16, 2024 at 10:36AM

Russian cybersecurity company Positive Technologies revealed that the threat actor TA558 is using steganography to distribute various malware such as Agent Tesla, FormBook, and LokiBot. Termed SteganoAmor, the attacks mainly target Latin American sectors but have also impacted companies in Russia, Romania, and Turkey. The group is also deploying Venom RAT …

Hacker claims Giant Tiger data breach, leaks 2.8M records online

April 13, 2024 at 10:05AM

Giant Tiger, a Canadian retail chain, experienced a data breach in March 2024, with 2.8 million customer records leaked. The breach includes email addresses, names, phone numbers, and physical addresses. HaveIBeenPwned added the leaked database for users to check. Giant Tiger declined to name the third-party vendor responsible. Customers are …