Blog

Accellion data breach Clop ransomware malware File Transfer Appliance

The average ransomware payment increases due to the Accellion data breach

Clop ransomware group attacked Accellion, one of the companies that offer File Transfer Appliance. Typically, transferring files happens via email. However, emails have limitations, particularly when it comes to large attachments and sensitive data. Some companies are now using File Transfer Appliance (FTA) installed on a private cloud, on-premises, or hosted to securely manage and store...
Continue Reading
IcedID malware contact forms financial trojan social engineering

Hackers abusing enterprise contact forms to deliver financial malware

Microsoft recently warned organizations of a new unique attack campaign that abuses contact forms found on websites to deliver financial malware to businesses through email that poses as email of legal threats. This new campaign is another trick of adversaries to abuse business infrastructures to evade and bypass installed security protection systems. The emails aim to...
Continue Reading
apkpure client tampered triada malware trojan android mobile device

APKPure client app tampered by Hackers to distribute malware and trojan

One of the largest app stores outside of the Google Play Store, APKPure, was reported to have been infected with malware recently. The malware can allow hackers and threat actors to plant and distribute trojans into Android phones and other devices.  This is another supply chain attack with similarities to the recent attack on Gigaset, a...
Continue Reading
php git server compromised supply chain attack

PHP’s git server gets compromised by another Supply Chain Attack

Another instance of a supply chain attack has been reported; this time, it’s on the Git repository of PHP and their data storage. The hacked repository and the codebase contents were tampered with. The incident’s investigation is ongoing and more details will be revealed in the upcoming days. On the initial reports, the malicious activity had...
Continue Reading
facebook hacked leaked compromised data social media vulnerability exploit

Facebook Hacked… Again? Maybe we are not that surprised

Hacked and leaked, ever since the Cambridge-Analytica issue erupted, we have seen never-ending posts in the different dark web and criminal forums about data peddled for a price about Facebook. The social media giant became a target for social engineer actors from other countries and various blackhat hacking skills. This 2020, iZOOlogic downloaded leaked Facebook data...
Continue Reading
verkada surveillance camera hacked breach Arson Cats APT69420

Customers not affected after Verkada surveillance camera breach

This week’s trending topic in the cybersecurity community is the successful intrusion of the collective hacktivist APT69420 or Arson Cats that proves no one is secured. Though it is a small group of hackers, they could penetrate Verkada Security Company, a known recipient of Silicon Valley funding for its technology advancement when it comes to a...
Continue Reading
ethical hackers researchers hacked indian government critical vulnerabilities flaws

Researcher team hacked Indian government websites by using exposed git and env files

Ethical hackers and cybersecurity researchers disclosed more information on how multiple websites of the Indian government got hacked and breached. Just last month, researchers from the Sakura Samurai hacking group had discovered and disclosed their breach and findings via a large number of critical vulnerabilities on the cyber systems of the Indian government. The full findings...
Continue Reading
data breach world's top 100 brands business reputation

World’s top 100 brands values at 223 billion dollars are at stake if a data breach occurs

A company’s sensitive information is stored on either local machine, cloud servers, and enterprise databases. A data breach can be defined as viewing an individual’s personal medical file without authorization or sharing a sensitive document without permission. When a company accidentally exposes data, it might be due to unintentional disclosure of data inside the job of...
Continue Reading
microsoft instagram vulnerability bug bounty reward program ethical hacking

$50,000 reward for bug that could have allowed access to your Microsoft account

A 50,000 USD reward program recently made a noise because it was awarded to an independent researcher who submitted a vulnerability found on Microsoft and Instagram accounts to bypass the mentioned platform’s account recovery program service. Despite its high-level security to avoid such intrusion on their user’s account, the researcher was able to crack the fortress...
Continue Reading
cybercrime work from home remote work fraud prevention vulnerability exploit

Remote work leveraged for cybercrime by adversaries in targeted attacks

Cybercrime (CC) has never been projected as high as last fiscal year compared to the previous years. Historical data confirms the enormous leap of numbers on reported cases in various types of attack known by the cybersecurity experts. Incidents of repurposed tactics, newer and more lethal approach of adversaries were recorded complimenting the uprising cases amidst...
Continue Reading
SII Bharat Biotech Stone Panda APT10 Chinese State Hackers

SII and Bharat Biotech, Covid19 vaccine makers targeted by Chinese hackers

The Chinese hacking group Stone Panda or APT10 has been identified as responsible for the attacks on Indian vaccine makers, as confirmed by a cybersecurity firm. The hacking group had identified flaws and vulnerabilities in the IT infrastructure and software supply chain of the world’s largest vaccine maker companies, Serum Institute of India or SII and...
Continue Reading
mobile apps location tracking personal privacy compromised data

Mobile apps location tracking is invading personal data privacy

The hot debatable issue in the cyber world today is about the location tracking on mobile apps discussing the pros and cons of people’s privacy. In the recent news site that is prominent in India, it is said that aggregators have been sued together with telecom providers that sold collected data to third-party companies gathered from...
Continue Reading
clubhouse social media app chinese government compromised data agora inc

Clubhouse social media app might be leaking data to Chinese Government

Launched amidst the pandemic in March 2020 with only 1500 users and a net worth of USD 100 million, the Clubhouse app soared up the digital market with a current count of estimated 10 million users and worth USD 1 billion in just 11 months aside from other found funding. The app became famous as it...
Continue Reading
phone scams communications frauds money loss fraud prevention vishing SMSing

Phone scams stolen money from almost 40 percent of consumers in 2020

Almost 40% of telecommunication consumers have lost money to phone scams and frauds during the previous year based on a recent research report conducted by a Hiya, a telecommunication platform. It is now more than ever that consumers and organizations rely on using voice calls to process transactions with voice network traffic rising 184% in 2020...
Continue Reading
cyber technology attack lives at risk

Lives are at risk on cyber and technology attacks

Technology advancement is considered the most significant breakthrough in every institution, business, and alike. Having such elevation gives an edge to every sector that promised faster and reliable services that ease people’s lives of the burden of manual work. We are in a period heavily dependent on the comfort of these technologies but always have in...
Continue Reading
vendor supply chain knowledge gap third-party risk assessment

Third-party cyber risk, The vendor supply chain knowledge gap

The recent SolarWinds cyberattack exposed a third-party supply chain weakness using exploitable vulnerabilities on other widely distributed and implemented software and system offerings available in the market. Still, many enterprises have little insight into the set of suppliers currently being used in their infrastructure systems. Based on a survey conducted by BlueVoyant, out of 1,500 technology,...
Continue Reading
financial services finance industry sector covid19 cyberattacks fraud prevention

Financial Services suffer cyber-attacks related to Covid19

Cybercrime has significantly increased every year, which is directly proportional to the growth of technology. Factors attributed to this increase could be summed up due to the perpetrators’ persistent behaviour through new tactics like using Covid19 as theme and sophisticated applications. Cybercriminals are being backed up by governments and the victim’s open vulnerability. Different sectors are...
Continue Reading
Imobiliare Romania Real Estate Data Breach vulnerability misconfiguration

Imobiliare, Romania’s largest Real Estate company suffers Data Breach

Every day, companies faced security challenges in maintaining their data secured from cyber-attacks. A data breach results from successful cyber-attacks that permit cyber criminals to access a company’s sensitive data. The exploitation of the data can happen anytime to any organization. However, cyber-attack is not the only cause of why data breaches are happening worldwide. Some...
Continue Reading
cryptojacking MrbMiner botnet Iran Vihansoft trojan Iran

MrbMiner botnet traced back to Iranian software company

With the growing followers of cryptocurrency, adversaries use different tactics to perform illegal mining activities to profit via cryptojacking. With the performance requirements needed by a database, riding to it is a great advantage that the ingenious MrbMiners has exploited. By targeting many Microsoft SQL servers via brute-force attacks, MrbMiner placed their group in the watchlists...
Continue Reading
iobit ransomware DeroHe vulnerability brand abuse

IOBit group forum hacked to spread ransomware to members

New player ransomware – DeroHe has recently added to their victim an established computer utility developer on their list. Their recent victim is the IOBit company that started in 2004, developing various applications that focus on computer optimization and virus/malware protection.  According to the report, the attack was orchestrated to the group forum of IOBit wherein...
Continue Reading
1 2 3 30