November 22, 2024 at 03:00PM A data breach at the Kumamoto Prefecture Violence Prevention Movement Center has exposed personal information of 2,500 individuals seeking help against Yakuza crime. The breach, caused by a phishing attack, raises concerns about potential threats to the safety of victims, prompting the center to alert those affected. ### Meeting Notes … Read more
September 16, 2024 at 10:35PM Chinese national, Song Wu, is accused of spear-phishing to steal sensitive software from US military and aerospace entities, including NASA. The indictment alleges that Song targeted individuals from government agencies, universities, and private companies. If convicted, Song faces a maximum penalty of 20 years in prison for each count of … Read more
May 1, 2024 at 06:24PM Hackers breached Dropbox Sign’s production systems, accessing authentication tokens, MFA keys, hashed passwords, and customer data. The company detected unauthorized access on April 24 and found that threat actors gained access to an automated system configuration tool, allowing them to access the customer database. Dropbox reset all users’ passwords and … Read more
April 5, 2024 at 12:50PM Hackers are using hijacked Facebook pages and advertisements to promote fake AI services, infecting users with password-stealing malware. The malvertising campaigns trick users into fraudulent Facebook communities, then entice them to download malicious executables. The stolen data is sold on the dark web or used for further scams. These sophisticated … Read more
February 19, 2024 at 08:38AM A 31-year-old Ukrainian cybercriminal was arrested for operating a cybercrime scheme targeting American and Canadian bank accounts. The suspect distributed trojanized software through websites and promoted them with online advertising. The hacker stole sensitive data and sold access to bank accounts on the dark web, potentially making over $92,000. The … Read more
February 2, 2024 at 11:20AM South Africa’s PRASA railway agency reported a loss of 30.6 million rand due to a phishing scam but has recovered over half the stolen amount. The incident, under police investigation, involves possible insider threats. South African firms face a rising trend of email interception fraud and digital banking fraud. Organizations … Read more
January 22, 2024 at 09:21AM Trezor issued a security alert following a data breach on January 17, revealing that unauthorized access to their support ticketing portal led to potential exposure of user information. However, no evidence has been found of compromised digital assets. Users are urged to be vigilant against phishing attacks and never disclose … Read more
January 15, 2024 at 04:19PM The U.S. Secret Service executed a seizure warrant to recover $34,000 stolen through a fake antivirus renewal email scam. The court document details how threat actors gained access to victims’ accounts by tricking them into installing malicious software and disclosing account credentials. The scam’s intensity has recently increased, leading to … Read more
January 2, 2024 at 03:46PM Orbit Chain suffered a security breach resulting in an $86 million loss, involving assets like Ether, Dai, Tether, and USD Coin. The breach, suspected to be the work of sophisticated state-sponsored attackers possibly from North Korea, prompted a collaboration with Korean authorities. Stolen funds are being tracked internationally, and caution … Read more