Major cybersecurity events on 21st April 2020: Increased number of Bad Bots scrape data and attempt logins on websites. Extremely annoying coronavirus-themed malware locks users out of Windows. DoppelPaymer targets Los Angeles. Hackers attempt to sell 3000 UniCredit employees’ details. Continue readingNintendo hacked to buy Fortnite currency, 1.5M COVID-themed malicious mails per day, Agent Tesla targets oil companies, and more
Tag: DoppelPaymer
Major cybersecurity events on 16th April 2020: Shipping giant MSC confirms malware attack. Agent Tesla steals WiFi pass. Zoom Windows, macOS zero-day vulnerabilities for sale. DoppelPaymer targets Visser defence contractor. PoetRAT hits Energy sector, uses data-stealing tools.Continue readingIndia bans Zoom, Multi-million dollar face mask scam busted, Sawfish phishing targets GitHub, and morew
Major cybersecurity events on 10th April: Mediterranean Shipping Company suspects cyber attacks behind power outage. RigUp AWS S3 bucket exposes thousands of US Energy Sector private files. Card-skimmer malware targets WordPress plugin, WooCommerce. Travelex pays $2.3M as ransom, to hackers. Continue readingZoom credentials on dark web, RigUp exposes 76,000 files, 115 Mn Pakistani mobile users data on dark web, and more
Major cybersecurity events on 24th March 2020: A new, stealthier Astaroth strikes Windows 10. COVID-19 cyberattacks against WHO spikes. 56 Google Play Store apps infected with malicious software. Kaspersky detects new APT campaign. TrickBot malware operators release TickMo to bypass 2FA. Azure applications can be weaponized against Microsoft365.Continue readingStealthier Astaroth, TrickMo bypasses 2FA, Espionage targets WHO, and more
Major cybersecurity events on 19th March 2020: Sodinokibi ransomware data leaks sold on hacker forums. DDoS attacks target Takeaway food delivery service. Phishing campaign sends out emails posing as WHO Chief to spread HawkEye malware. Folding@home phishing spreads RedLine.Continue readingMespinoza/Pysa ransomware, HawkEye, RedLine Malware
Round Up of Major Breaches and Scams Tesco notifies Clubcard loyalty members of credential-stuffing attack U.K. supermarket chain Tesco has notified, 600,000 Clubcard loyalty program members, of a credential-stuffing attack. The attack came to light when Tesco’s internal systems detected attackers trying different combinations of usernames and passwords to access Clubcard accounts. The credentials are…Continue readingCloudSEK Daily Threat Bulletin – 4th March 2020
Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020
Round Up of Major Breaches and Scams Law enforcement partner Clearview notifies customers of breach Law enforcement partner Clearview has notified its customers of a breach that exposed the list of customers, their accounts, and their searches. The facial recognition platform, which is solely for law enforcement agencies, has purportedly collected ~3 billion facial images.…Continue readingCloudSEK Daily Threat Bulletin – 26th February 2020
Round Up of Major Breaches and Scams Threat group steals data by bypassing server firewall and masking C2 traffic What appears to be a state-sponsored threat group is using a technique called “Cloud Snooper” to bypass a server’s firewall to communicate with command and control (C2). The attackers deployed a rootkit that then installs a…Continue readingCloudSEK Daily Threat Bulletin – 25th February 2020
From charity organizations to government entities, just in the last few days, we have seen the impact of attacks on, 12 Indian government entities, the city of Racine, a voter registration website, and the Red Kite Community Housing charity. With Emotet finding a new carrier in W-9 tax forms, it is more obvious than ever…Continue readingCloudSEK Daily Threat Bulletin – 5th February 2020