Categories
Breach Bug COVID cryptominers Cyber Security Hacking Malware Phishing Scam Vulnerability

Phishing scam hijacks Facebook accounts, LG Electronics allegedly hit by Maze ransomware attack, and more

Major cybersecurity events on 26th June 2020 (Evening Post): Golang Worm Widens Scope to Windows. Hackers hide credit card stealing scripts in favicon EXIF data. LG Electronics allegedly hit by Maze ransomware attack.Continue readingPhishing scam hijacks Facebook accounts, LG Electronics allegedly hit by Maze ransomware attack, and more

Categories
Breach CVE Cyber Security Malware Ransomware Vulnerability

Hacker arrested for selling PII, Shlayer Mac malware spreads through poisoned Google search results, and more

Major cybersecurity events on 22nd June 2020 (Evening Post): Hackers hide malicious payloads in fake Windows error logs. New malware masquerades as a hack to get the premium Discord Nitro services. Cisco Webex Meetings flaw allows hackers to impersonate users.Continue readingHacker arrested for selling PII, Shlayer Mac malware spreads through poisoned Google search results, and more

Categories
Breach Cyber Security Malware MiTM Phishing Ransomware RAT Spyware Trojan

Tesla user data sold on eBay, Arogya Setu denies data breach of 90M Indians, 22M Unacademy user data sold after data breach, and more

Major cybersecurity events on 6th May 2020: 44 million Pakistani mobile users data leaked online. Microsoft’s GitHub account hacked, 500 GB data stolen. Hackers impersonate financial NGO to steal Microsoft Sharepoint, Office credentials. Snake ransomware targets healthcare among other businesses.Continue readingTesla user data sold on eBay, Arogya Setu denies data breach of 90M Indians, 22M Unacademy user data sold after data breach, and more

Categories
Breach Cyber Security Malware Phishing RAT Vulnerability

Remcos RAT cloaked as SMB grants, Malicious USBs doing the rounds, Hacked Linksys routers, and more

Major cybersecurity events on 27th March 2020: Teleworking attracts brute-force attacks on Linksys routers. European companies targeted by hackers, suspected to be the Silence and TA505 groups. FBI warns of malicious USB drives delivered via USPS. Remcos RAT payloads target U.S. SBA.Continue readingRemcos RAT cloaked as SMB grants, Malicious USBs doing the rounds, Hacked Linksys routers, and more

Categories
Breach CVE Malware Trojan Vulnerability

Canon breached, Tupperware, news sites hacked, Citrix, Cisco hit, and more

Major cybersecurity events on 25th March 2020: GE employees’ Canon mail accounts hacked. Fake payment form on Tupperware site used to steal credit card details. Hacked news sites delivers backdoor malware disguised as Google updates. Microsoft’s new update fixes Windows Defender.Continue readingCanon breached, Tupperware, news sites hacked, Citrix, Cisco hit, and more

Categories
APT Breach Malware Ransomware RAT RCE TrickBot Vulnerability

Stealthier Astaroth, TrickMo bypasses 2FA, Espionage targets WHO, and more

Major cybersecurity events on 24th March 2020: A new, stealthier Astaroth strikes Windows 10. COVID-19 cyberattacks against WHO spikes. 56 Google Play Store apps infected with malicious software. Kaspersky detects new APT campaign. TrickBot malware operators release TickMo to bypass 2FA. Azure applications can be weaponized against Microsoft365.Continue readingStealthier Astaroth, TrickMo bypasses 2FA, Espionage targets WHO, and more

Categories
APT Breach Cyber Security Ransomware SIM swapping Spearphishing Spyware Trojan Vulnerability

CloudSEK Daily Threat Bulletin – 13th March 2020

Round Up of Major Breaches and Scams Czech Republic’s second-biggest hospital is hit by cyberattack A large Czech Republic hospital responsible for running tests for the novel coronavirus said Friday that a cyberattack had hit its computer systems. It was not immediately clear how, if at all, the hack would affect University Hospital Brno’s ability to test for…Continue readingCloudSEK Daily Threat Bulletin – 13th March 2020

Categories
Breach CVE Malware Phishing TrickBot Vulnerability

CloudSEK Daily Threat Bulletin – 11th March 2020

Round Up of Major Breaches and Scams Iranian Coronavirus app collecting sensitive information Over the weekend, Iranian researcher, Nariman Gharib, reported via Twitter that he had identified a coronavirus app collecting sensitive information from users, including their real-time geo-location details, beyond what the app required to function. According to Gharib, the app was released by…Continue readingCloudSEK Daily Threat Bulletin – 11th March 2020

Categories
Cyber Security Malware Phishing Ransomware

CloudSEK Daily Threat Bulletin – 27th February 2020

Round Up of Major Breaches and Scams Phishing campaign uses fake NortonLifelock documents to distribute RAT Researchers have discovered a phishing campaign, which uses fake NortonLifelock documents, to bait users into installing a RAT (remote access tool). The password-enabled document contains a malicious macro, which is executed, once the document is enabled by the victim.…Continue readingCloudSEK Daily Threat Bulletin – 27th February 2020

Categories
CVE Cyber Security Emotet Malware Ransomware

CloudSEK Daily Threat Bulletin – 25th February 2020

Round Up of Major Breaches and Scams Threat group steals data by bypassing server firewall and masking C2 traffic What appears to be a state-sponsored threat group is using a technique called “Cloud Snooper” to bypass a server’s firewall to communicate with command and control (C2). The attackers deployed a rootkit that then installs a…Continue readingCloudSEK Daily Threat Bulletin – 25th February 2020