Major cybersecurity events on 3rd April 2020: Domain names are leveraged to lure victims in the name of Coronavirus, NameCheap hosts one such domain. hacking forum OGUsers gets hacked again. Self-replicating Emotet infects Microsoft client’s entire network. Researcher hacks iOS, macOS camera vulnerabilities, Apple awards $75,000.Continue readingNameCheap facilitates fake domains, Crimson RAT targets Indian Financial sector, Spearphishing spreads LokiBot, and more
Category: Emotet
Major cybersecurity events on 18th March: From registering several new domains to building a malicious tracker app, deceptive Coronavirus scammers are at large, making the most of the current situation. New TrickBot tool employed to disrupt PCs and telecommunications. Continue readingMagecart target NutriBullet, Coronavirus app asks users for ransom, and more
Round Up of Major Breaches and Scams T-Mobile discloses data breach due to attack on email vendor T-Mobile has disclosed a data breach that exposed their customers’ personal and financial information. The source is believed to be their email vendor, who was hacked. Some of the hacked accounts contained T-Mobile customers’ social security numbers, financial…Continue readingCloudSEK Daily Threat Bulletin – 5th March 2020
Round Up of Major Breaches and Scams Threat group steals data by bypassing server firewall and masking C2 traffic What appears to be a state-sponsored threat group is using a technique called “Cloud Snooper” to bypass a server’s firewall to communicate with command and control (C2). The attackers deployed a rootkit that then installs a…Continue readingCloudSEK Daily Threat Bulletin – 25th February 2020
Round Up of Major Breaches and Scams 10 million+ records of MGM guests, now available on hacking forum 10 million records of MGM guests are now available for free on a hacking forum. The data, which was stolen during a security breach in July 2019, includes 3.1 million unique email addresses, names, addresses, and phone…Continue readingCloudSEK Daily Threat Bulletin – 20th February 2020
Round Up of Major Cyber Security News Puerto Rico government victim of $2.6m in phishing scam A senior Puerto Rican government official has confirmed that $2.6 million, allotted for remittance payments, was transferred to a fraudulent account, because of an email phishing campaign. An employee of a government-owned corporation transferred the amount, based on an…Continue readingCloudSEK Daily Threat Bulletin – 14th February 2020
Round Up of Major Cyber Security News JailCore App exposes inmates’ details on unsecured S3 bucket JailCore, a cloud-based correctional facility management and compliance application, has left inmate details exposed on an unsecured Amazon S3 bucket. Wherein, 36,000 exposed PDF files could be accessed without a password. The files contained inmates’ information, including personal identifiers…Continue readingCloudSEK Daily Threat Bulletin – 13th February 2020
Just 3 weeks before the legislative election, it has been found that Israel’s ruling party has inadvertently exposed all 6.5 million eligible voters’ personal information. And despite the growing sophistication of cyber-attacks, simple but severe Business Email Compromise attacks, are the leading cause for cybercrime losses. Phishing efforts continue to get more convincing, with a…Continue readingCloudSEK Daily Threat Bulletin – 12th February 2020
From charity organizations to government entities, just in the last few days, we have seen the impact of attacks on, 12 Indian government entities, the city of Racine, a voter registration website, and the Red Kite Community Housing charity. With Emotet finding a new carrier in W-9 tax forms, it is more obvious than ever…Continue readingCloudSEK Daily Threat Bulletin – 5th February 2020
Twitter announces that its API had been exploited to match usernames to phone numbers. While the fake accounts responsible for this have been suspended, the impact of this is still not known. Magecart targets Olympic tickets reseller’s payment platform to steal customer payment card numbers. And Apollon Market may be pulling off an exit scam,…Continue readingCloudSEK Daily Threat Bulletin – 4th February 2020