Day

January 4, 2022
Spam Websites Registries Exploited Pay Per Click Fraud Website Spoofing Takedown Request Alibaba

Spam sites hosted via web registries gets exploited in a pay-per-click fraud

Our security experts from iZOOlogic have recently noticed multiple spam sites registered through Alibaba Registrar/Webhost, Cloudflare Webhost, and .CN or .TOP registries created by threat actors to conduct fraud by targeting our clients and using their brand names and logos. Threat actors leverage the spam sites by offering prizes such as huge cash or gift...
Continue Reading
Hackers Steal Master Passwords Last Pass Data Leak MFA

Hackers attempted to steal the master passwords of LastPass users

LastPass users worldwide were frightened after a message was sent to their respective emails about their master passwords being accessed by unknown threat actors from unrecognised locations. However, the access attempts were immediately blocked as a safety precaution since they came from unidentified locations. Stories of similar LastPass master passwords being compromised were seen posted...
Continue Reading
Ecommerce Websites Vulnerable Magecart Attacks Card Skimming Vendor Risk

Numerous e-commerce websites vulnerable to Magecart attacks

Recently, a barrage of attacks from the Magecart threat actors revealed multiple critical vulnerabilities in e-commerce sites and applications wherein the website’s defenses are discovered to be incompetent against Magecart attacks. Experts conducted research and found that about 30,000 vulnerabilities were found within existing websites being prone to Magecart attacks. Also, another 10,000 active sites...
Continue Reading
Cyber Attackers Mahan Airlines IRGC-QF Iran Data Breach

Attackers strike Mahan Airlines to stress their connection with the IRGC-QF

One of Iran’s biggest airlines, Mahan Air, was reportedly hit by a cyberattack that the Hooshyarane Vatan threat group allegedly conducted. The said threat group stole documents involving the airline to the Islamic Revolutionary Guard Corps. The airline acknowledged to the public about being hit by the attack but added that it had already been...
Continue Reading
Threat Group Void Balaur Hacker For Hire APT28 Pawn Storm Threat Hunting Hackers

The history of cyber mercenary group Void Balaur gets probed by analysts

Security researchers have recently released a report about hacker-for-hire threat group services that have been advertised throughout the cybercrime underground landscape since 2010. The cyber mercenary group, named Void Balaur, has been attacking victims for surveillance and financial gains. Their previous attacks involved firms within the IT and telecom sectors and journalists, activists, and religious...
Continue Reading