On 24th March (Thursday), Google’s threat analysis group (TAG) released a statement that disclosed details about the activity of two North Korean based hacker groups, who had exploited Chrome’s zero-day vulnerability to target several fintech, news media, IT and cryptocurrency firms.
Previously, the attackers carried out two campaigns, namely Operation Dream Job and Operation Apple…
Researchers have discovered a new phishing tactic
March 24, 2022
Passwords and other sensitive information can now be easily obtained using a variety of phishing methods. However, a new phishing tactic known as the BitB attack has recently been uncovered, and it is so perfectly crafted that most people would fall for it.
This method entails creating a bogus pop-up login window that displays on a website. By combining HTML with CSS, threat actors create a…
FBI sees Russian hackers eyeing US energy firms
March 23, 2022
Amidst the ongoing Ukraine-Russia war, the FBI has disclosed that there is a growing amount of interest shown by Russian hackers in US-based energy firms, although there are no signs of a cyberattack being planned for the time being.
The FBI advisory accessed by Associated Press on Tuesday (March 22) also revealed that the Russian cyberattackers have examined atleast five energy companies for…
LAPSUS$, a data extortion hacking group that recently targeted Nvidia and Samsung, has stated that it has also targeted Microsoft, LG, and Okta.
According to El Chapuzas Informatico, around 90 percent of the information from Bing Maps was stolen in the Microsoft hacks, while approximately 45 percent was obtained from Bing and Cortana. The extortion group released a torrent for a 9 GB zip file…
Ransomware-as-a-Service group targets critical US assets
March 22, 2022
In a recently released cybersecurity advisory, the FBI revealed that Avoslocker, the Ransomware-as-a-Service group that surfaced in mid-2021, was responsible for targeting US-based critical infrastructure across multiple sectors. The statement was jointly authored by the US Treasury Department and the Financial Crimes Enforcement Network (FinCEN).
The press release also shed light on the modus…
A new UI redressing technique, know as Browser In The Browser (BITB), has given phishing a shot in the arm by making such attacks nearly untraceable in their design. This method is used to steal login credentials by juxtaposing a realistic replica of a third-party SSO login window that is usually redirected by a website’s login page (Instagram, Facebook, Twitter etc.). For instance, if a…
Ukraine continues to battle DDOS attacks
March 21, 2022
Since the onset of the war on Feb. 24, the Ukraine government has tallied 3,000 DDOS strikes, including a one-day high of 275.
The State Service of Special Communication and Information Protection of Ukrainesays: “Russia’s aggression, the intensity of cyberattacks against Ukraine’s vital information infrastructure hasn’t decreased. While Russian missiles are…
Cryptocurrency funding has become a viable way to support Ukraine in its ongoing war against Russia, which has left the country devastated on all fronts. According to UK based blockchain analysis provider Elliptic, the Ukrainian government, along with an NGO that provides military support, have raised a sum of $63.8 million through over 120,000 crypto asset donations since the beginning of the…
Beware of this new phishing attack!
March 17, 2022
Phishing attacks have been an age-old cybersecurity problem, with threat actors sending out bulk emails in an attempt to trick users into sharing confidential data, fraudulent bank transactions, or entering their passwords via bogus login portals.
Threat actors are exploiting email accounts by hijacking ongoing conversations between the users to send out phishing emails. This method is more…
Lapsus$, the infamous hacking group, claims to have acquired around 200 GB of source code files, which represents over 5,000 GitHub repositories. The Vodafone source code that the hackers claim to have obtained has not been leaked. Instead, they are asking thousands of users to join their Telegram channel.
Vodafone Portugal blamed certain service outages on a “malicious hack” in…
