Security
Chinese Hackers Steal Microsoft Signing Key to Target Govt. Orgs.
In April, Chinese hackers named Storm-0558 stole a Microsoft signing Key & used that key to break into the Government account from the Windows crash dump after…
U.S. Government Email Service Hacked in a Targeted Campaign
The threat intelligence solution firm Mandiant reports that Chinese hackers excessively targeted & broke into government & government-linked organizations in recent attacks that targeted Barracuda Email Security…
Linkedin Accounts Breached in a Hijacking Campaign
A report by Cyber intelligence firm, Cyberint mention numerous users have been complaining about their Linkedin accounts getting hacked or being lockout of their accounts and are…
Hacktivist Groups Exploit Diverse Funding Techniques for Political Operations
According to the cyberintelligence firm KELA report, hacktivist groups that work for political motives benefit from a variety of funding methods to carry out their operations. The…
MOVEit Releases Patches for Several High-severity Security Vulnerabilities
Last month, it was discovered that threat actors, particularly the Clop ransomware group exploited a zero-day vulnerability in the Progress MOVEit File Transfer software. The MOVEit vulnerability…
BlackCAT Ransomware Group Pushes Malicious Installers via Malvertising
Security researchers at Trend Micro discovered that the BlackCAT, also known as ALPHV, is running malware-filled advertisement activities to entice people into fake websites that look like…
Threat Actors Use Trojanized Super Mario 3 Game Installer to Spread Malware
Security researchers at Cyble found that the threat actors are distributing an altered Super Mario 3: Mario Forever installer sample as a self-extracting archive executable through undisclosed…
Massive Data Breach: Over 100K Chat GPT Accounts Stolen, Warns Group IB
Cybersecurity researchers at Group IB reported that they had spotted more than a hundred thousand information Stealer logs on several underground websites containing Chat GPT accounts. For…
Russian Hacker Group Shuckworm Still Targeting Ukraine Security Orgs
Security analysts at Symantec, a part of Broadcom, reported that the Russian state-funded hacker group Gamaredon aka Shuckworm, is still targeting Ukraine's security organizations, such as military…
Royal Ransomware Uses the Blacksuit Encryptor to Attack Enterprises
Royal Ransomware is a ransomware group consisting of the pen-testers and the ones associated with Conti Team 1, and the other recruits from the other ransomware gangs…
Atomic Wallet’s Compromise Leads to Millions of Stolen Cryptocurrencies
A couple of days ago, Atomic Wallet tweeted it had received reports about the compromised wallets and had started the investigation. The developers of Atomic Wallet have…
The Dark Pink Hackers Group Targeting Military & Government Organizations
Security researchers at Group IB analyzed recent attacks and found that the Dark Pink APT hacking group continues to remain active in 2023 and has been targeting…
WordPress Plugin Exploit: Massive Attacks Target Beautiful Cookie Consent Banner
The WordPress security company, Defiant observed the attacks that target an Unauthorised Stored Cross-Site Scripting (XSS) exploit in a WordPress plugin named Beautiful Cookie Consent Banner, which…
CISA Warns of Samsung Devices’ Security Flaw, Allowing Android ASLR Bypass
U.S.A.'s Cybersecurity & Infrastructure Security Agency (CISA) has warned about a security flaw affecting Samsung devices. The devices have been used in attacks to bypass Android address…
Threat Actor Exploits Microsoft Azure to Gain Access to Virtual Machines
Cyber security firm Mandiant traced a financially motivated cyber attacker named UNC3944 who is using phishing & SIM swapping to take control of Microsoft Azure admin accounts…
Cactus Ransomware Exploiting VPN Weakness to Target Big Enterprises
Cactus Ransomware Exploits VPN Weaknesses, Utilizes Unique Encryption Methods to Avoid Detection, Warns Kroll Security Researchers
