Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion

July 5, 2024 at 01:11PM Threat actors have leaked alleged Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour tickets, threatening to release more if a $2 million extortion demand isn’t met. The data breach occurred via Snowflake, impacting multiple organizations including Neiman Marcus and the Los Angeles Unified School District. Ticketmaster has not confirmed …

Software Productivity Tools Hijacked to Deliver Infostealers

July 4, 2024 at 09:10AM Conceptworld Corporation, an India-based software company, was found to be distributing information-stealing malware with its software products. Researchers from Rapid7 discovered that the installation packages of its tools, Notezilla, RecentX, and Copywhiz, had been Trojanized. Although the malicious installers have since been replaced, users who downloaded them were unknowingly exposed to the dllFake malware, capable of …

Polyfill.io owner punches back at ‘malicious defamation’ amid domain shutdown

June 27, 2024 at 11:56PM After its domain was shut down, Polyfill.io’s owner is pushing back against accusations of distributing suspicious code to websites that embed its scripts. Anger-fueled social media posts target CDN titan Cloudflare and the media for “malicious defamation.” Experts and a domain registrar warn of supply chain risks. The site has relocated to polyfill[.]com. Cloudflare also launches a JavaScript URL …
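The practical question for anyone running a website is whether their own pages still pull scripts from the old or new Polyfill.io hosts. The following is an added example, not code from the article or from any of the parties it describes: a small inventory script that parses HTML with the standard library, collects every `<script src>`, and flags the ones whose host is on a watchlist (the watchlist and the sample page are constructed for this example; extend the list to any third-party script origin your policy does not allow).

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed watchlist for this example. Subdomains of each entry are matched too,
# so "cdn.polyfill.io" is covered by "polyfill.io".
WATCHED_HOSTS = {"polyfill.io", "polyfill.com"}


class ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in a document."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        for name, value in attrs:
            if name.lower() == "src" and value:
                self.srcs.append(value)


def host_of(src: str) -> str:
    """Return the lower-cased host of a script URL ('' for relative URLs)."""
    # Protocol-relative URLs ("//host/x.js") have no scheme; give them one so
    # urlparse recognises the host part.
    if src.startswith("//"):
        src = "https:" + src
    return (urlparse(src).hostname or "").lower()


def flag_scripts(html: str, watched=WATCHED_HOSTS):
    """Return the script src values that load from a watched host or a subdomain of one."""
    parser = ScriptSrcCollector()
    parser.feed(html)
    hits = []
    for src in parser.srcs:
        host = host_of(src)
        if host in watched or any(host.endswith("." + w) for w in watched):
            hits.append(src)
    return hits


# Constructed sample page: one first-party script, two third-party loads that should be flagged.
SAMPLE_PAGE = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>
<script SRC='//polyfill.com/v3/polyfill.min.js'></script>
<script src="https://cdn.example.net/lib.js" integrity="sha384-abc"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    for hit in flag_scripts(SAMPLE_PAGE):
        print("third-party script from watched host:", hit)
```

Run it over your rendered pages (or a crawl of them) rather than over templates alone, since tag managers and plugins often inject script tags at runtime that never appear in source control.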

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

June 27, 2024 at 10:39AM P2PInfect, a peer-to-peer botnet, has shifted from being dormant to a financially motivated operation, targeting misconfigured Redis servers with ransomware and cryptocurrency miners. It spreads by transforming victim systems into follower nodes and has been updated to target MIPS and ARM architectures. The malware uses a mesh network to push …
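The summary says the botnet targets misconfigured Redis servers without saying how to find out whether yours is one. As an added example (not code from the article or from the malware's authors), the check below speaks the Redis wire protocol directly: it sends a RESP-encoded `PING` and classifies the reply. A `+PONG` from an unauthenticated connection means anyone who can reach the port can run commands; `-NOAUTH` means `requirepass` is set; `-DENIED` is the reply Redis gives when protected mode blocks a non-loopback client. The fake single-shot servers are constructed so the example runs offline; against a real host, point `probe_redis` at it.

```python
import socket
import threading

# RESP encoding of the PING command: an array of one bulk string.
PING = b"*1\r\n$4\r\nPING\r\n"


def classify_reply(reply: bytes) -> str:
    """Map the raw reply to an unauthenticated PING onto an exposure verdict."""
    if reply.startswith(b"+PONG"):
        return "open"            # commands accepted without a password
    if reply.startswith(b"-NOAUTH"):
        return "auth-required"   # requirepass is configured
    if reply.startswith(b"-DENIED"):
        return "protected-mode"  # Redis refused a non-loopback client
    return "unknown"


def probe_redis(host: str, port: int, timeout: float = 3.0) -> str:
    """Connect, send PING without authenticating, and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(PING)
        reply = sock.recv(512)
    return classify_reply(reply)


def serve_once(reply: bytes) -> int:
    """Constructed stand-in for a Redis server: answer one connection with a fixed reply.

    Returns the loopback port it is listening on.
    """
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def run():
        conn, _ = srv.accept()
        with conn:
            conn.recv(64)          # consume the PING
            conn.sendall(reply)
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return port


if __name__ == "__main__":
    # A misconfigured server (no auth) versus a hardened one.
    for label, canned in [("open", b"+PONG\r\n"),
                          ("hardened", b"-NOAUTH Authentication required.\r\n")]:
        port = serve_once(canned)
        print(label, "->", probe_redis("127.0.0.1", port))
```

An "open" verdict on a Redis instance reachable from outside the host is the condition to fix first (bind it to loopback or a private interface, set `requirepass`, and keep protected mode on); the verdict does not say whether the box is already infected, which needs a look at the running processes and the Redis configuration itself.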

New Linux malware is controlled through emojis sent from Discord

June 15, 2024 at 01:15PM The newly discovered Linux malware named ‘DISGOMOJI’ uses emojis to execute commands on infected devices in attacks on Indian government agencies, and is attributed to a Pakistan-based threat actor known as ‘UTA0137.’ This novel approach may allow the malware to bypass security software. DISGOMOJI maintains persistence on devices and aims to exfiltrate …

Club Penguin fans breached Disney Confluence server, stole 2.5GB of data

June 5, 2024 at 04:21PM Club Penguin fans hacked a Disney server and initially stole 2.5 GB of internal corporate data, including old Club Penguin information. The breach also revealed more recent and critical data about Disney’s corporate strategies and projects. The hackers accessed Confluence using exposed credentials and obtained documents about developer tools and …

ShinyHunters claims Santander breach, selling data for 30M customers

May 31, 2024 at 11:51AM ShinyHunters, a notorious threat actor, is allegedly selling a massive trove of Santander Bank’s data, impacting 30 million customers and employees. This follows a recent data breach affecting the bank. ShinyHunters is known for similar activities and has a history of selling stolen data from various companies. The legitimacy of …

‘The Mask’ Espionage Group Resurfaces After 10-Year Hiatus

May 9, 2024 at 05:52PM The “Careto” APT group, inactive for over a decade, has reemerged in cyber-espionage targeting entities in Latin America and Central Africa. Kaspersky researchers have identified previous victims and new targets, emphasizing the need to remain vigilant against long-dormant APTs. The group’s sophisticated attacks involve custom techniques and versatile implants, showcasing …

NATO and EU condemn Russia’s cyberattacks against Germany, Czechia

May 3, 2024 at 11:49AM NATO, EU, and partners condemn Russian threat group APT28’s cyber espionage campaign targeting European countries, including Germany and Czechia. The attacks compromised email accounts and targeted various government authorities, companies, and critical infrastructure. NATO warns about recent Russian hybrid activities impacting multiple Allied countries. APT28 has been linked to high-profile …

Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses

April 26, 2024 at 10:18AM Sekoia reports that over 90,000 unique IP addresses are still infected with a self-spreading PlugX worm variant, attributed to a China-linked threat actor. The malware spreads through infected USB drives, creating potential risks for data exfiltration and surveillance, especially in regions strategically important to China’s Belt and Road Initiative. Sekoia …