Blog


Operation SideCopy Report – Espionage against the Indian Army?

A recent analysis report from an Indian cybersecurity expert exposed over a year of surveillance by an unknown adversary targeting the Indian government, specifically its military service and notable defense organization. They named the report Operation SideCopy. According to the report, the adversary had used a different methodology to pursue its malicious...

Fitbit just got fitted with Spyware for social engineering attack

The infamous mobile exercise and fitness app Fitbit was just given a rather “malicious” upgrade. Call it an alarming discovery from a security researcher, who found out that hackers and other threat actors can spike the app with malware powerful enough to phish out personal and other information from its users. Fitbit advertises their app as...

Chowbus food delivery startup suffers massive data breach

Chowbus, an Asian food delivery startup owned by Fantuan Group, Inc., just suffered a massive data breach a couple of days ago. They have verified the intrusion and the amount of sensitive data that was compromised during the said breach. The initial assessment of the breach does not show the exact nature of the intrusion. However,...

WisePay online school payment system suffered a breach

WisePay’s website was hacked by cybercriminals between October 2 and 5. WisePay is an online payment service provider that gives parents and guardians access and control so they can pay the school on behalf of students. It was estimated that a total of 300 schools were affected, but the firm assumed that only a few...

Mozi Botnet responsible for IoT Traffic

The latest talk in the cybersecurity realm centers on a recent report submitted to the community about the Mozi botnet infesting numerous internet-of-things (IoT) devices. After its discovery in 2019, cybersecurity experts observed that this variant of the Mirai botnet accounted for 90% of botnet attacks from October 2019 to June 2020. The...

Netwalker goes after College of the Nurses of Ontario Data

The latest news in the cyber community is that the College of the Nurses of Ontario (CNO) was added to the growing roster of victims of the cybercriminals Netwalker. Also known as ‘Mailto,’ Netwalker has been busy with its devious acts, which mostly target prominent businesses, academic groups, and health institutions. Based on the research,...

Public Health Wales says data of 18,000 COVID patients accidentally published

On August 30, 2020, Public Health Wales (PHW), a private health organization, accidentally posted the information of more than 18,000 patients on its website. The information was available from 2 PM until 10 AM the next morning before it was taken down. According to the report, the information was viewed publicly by 56 unknown...

Tutanota encrypted email service suffers DDoS Attack

Tutanota experienced a series of distributed denial-of-service (DDoS) attacks in the middle of this month. The attacks completely halted the service and affected over 2 million of its users. Unknown attackers not only attacked the company itself but also extended their malicious activity to the company’s DNS provider, ensuring...

Shenzhen Zhenhua Data Technology allegedly collected Data

Chinese data services company Shenzhen Zhenhua Data Technology is now being questioned over its database and application called the Overseas Key Information Database, or OKIDB. The company is owned by a government-backed military research company, China Electronics Technology Group (CETC). Its CEO is a known supporter of hybrid and psychological warfare, which includes...

U.S. Department of Defense disclosure on vulnerabilities

Details of a recent disclosure from the U.S. Department of Defense have been announced to the public. The disclosure concerns critical and high-severity vulnerabilities in its infrastructure systems. The vulnerabilities can allow threat actors to exploit the systems by hijacking a subdomain, executing code remotely, or viewing and capturing data and files on a vulnerable machine and...

Iranian hacking group Pioneer Kitten sells company data on underground forums

Another suspected Iranian government-backed hacker was seen selling stolen corporate network information on an underground hacking forum. The group is named ‘Pioneer Kitten,’ also dubbed Fox Kitten or Parisite, and is believed to be a contracted hacker for Iran. The adversary is estimated to have been working under the radar since 2017, exploiting known vulnerabilities on remote...

Bluetooth encryption bug called BlurTooth

An independent researcher has recently submitted their completed report about a vulnerability they uncovered in current versions of Bluetooth. The noted versions range from 4.0 to 5.0, which most modern smart devices ship with. The Bluetooth Special Interest Group (SIG) – the group...

Thousands of Razer customer information leaked on a misconfigured server

On the 18th of August, independent cybersecurity consultant Volodymyr “Bob” Diachenko discovered leaked customer data belonging to gaming-gear merchant Razer, believed to be the result of a server misconfiguration. Diachenko stumbled upon a misconfigured Elasticsearch cluster that exposed Razer customers’ private information for everyone to see. There are no...

Ripple20 Malware highlights IoT Industry challenges

With people growing ever more reliant on technology and internet-connected devices, a new dreaded threat has been disclosed for public awareness. Consisting of 19 zero-day vulnerabilities in a low-level TCP/IP software library that has been used in millions of manufactured devices, the report was collaboratively named ‘Ripple20’. Exploiting these...

O365 Real-Time response attack on stolen logins

A new variant of a scheme targeting Office 365 credentials has been observed by cybersecurity experts who stumbled on this adversary method. Unlike the usual exfiltration of credentials through specialized spyware/malware, the method used is based on the real-time response from the victim upon entering their credentials of the domain-controlled...

Roper St. Francis Hospital Data Breach

The latest victim of another data breach in the health industry is Roper St. Francis Hospital (RSFH), South Carolina, US, which disclosed that up to 6,000 patients’ medical records and other private information were compromised. Among the most valuable data being sold on the black market and the dark web are medical records....

Maze hacked memory chips company SK Hynix

The infamous Maze hacker has done it again, gaining further notoriety by victimizing SK Hynix of South Korea. The victim company is known to be the third-largest semiconductor company, profiting from manufacturing RAM and flash memory that is distributed around the globe. Prominent companies it does business with include Apple and other PC manufacturers. Maze...

1 Million USD to go Rogue; How Rogue employees are made

Local authorities and the Federal Bureau of Investigation (FBI) recently apprehended a 27-year-old Russian national at Los Angeles airport for conspiracy to cause damage to a protected computer. The conspirator was named as Egor Igorevich Kriuchkov, who visited the United States on a tourist visa to personally meet his contact or a rogue employee...

QakBot Financial Malware and its new tricks

A newly submitted malware analysis report has concluded that QakBot is still quacking, with more virulent features placing it again on the watchlist of many cybersecurity experts. According to the report, a new variant of QakBot has been released, terrorizing prominent government and production sectors, mainly in the United States, Europe, and other Asian...

Iranian APT group Charming Kitten impersonates journalists

After the group spent a few months working under the radar, cybersecurity experts have again unraveled the repurposed modus operandi of the Iranian APT group dubbed Charming Kitten. The group usually conducts cyber espionage against victims from the United States, Israel, and other countries, typically prominent people such as activists, entrepreneurs, government, and military...