A report by the leading company Proofpoint has unveiled a sophisticated cyber fraud scheme orchestrated by the hacker group TA4903. This gang specializes in Business Email Compromise (BEC) attacks and has, over the past...
In recent times, cybercriminals have intensified their assaults on WordPress-based sites, employing a cunning method of infection. Sucuri, a company specializing in web security, has uncovered a new campaign aimed at script injection. Previously,...
Cybereason has identified a new malware variant named Snake, which proliferates through Facebook messages. This Python-written infostealer is designed to pilfer confidential user data. The stolen data are transmitted across various platforms, including Discord,...
Recently, cybersecurity experts worldwide have observed an uptick in hacker attacks targeting improperly configured cloud servers running on Apache Hadoop, Docker, Confluence, and Redis. In one of these recent attacks, malefactors deployed a novel...
The Canadian Financial Transactions and Reports Analysis Centre (FINTRAC) announced the shutdown of its corporate systems due to a cybersecurity incident. Details of the incident remain undisclosed; however, it is known that FINTRAC is...
ThreatMon, a cyber threat analysis platform, has reported the emergence of an advertisement on a notorious hacker forum offering a Zero Day exploit for WordPress for sale. The vendor claims that this exploit, implemented...
The international cybercriminal syndicate GhostSec, implicated in the creation and dissemination of ransomware named GhostLocker, is rapidly expanding the scope of its malevolent operations, encroaching upon an increasing number of countries. According to a...
A financial institution in Vietnam became the target of a previously unknown hacking collective, dubbed Lotus Bane. This group was identified by cybersecurity experts in March 2023, though it is believed to have been...
Specialists at FortiGuard Labs have uncovered a new threat to the financial sector in South America, specifically targeting Brazilian residents for bank credential theft. The banking trojan, dubbed CHAVECLOAK, is spread via an infected...
In a sophisticated cyberattack targeting a major corporation, malefactors employed the open-source QEMU hypervisor platform as a tool for creating a network tunnel. QEMU, a free emulator and hypervisor, facilitates the operation of various...
Apple has issued critical security updates to address two zero-day vulnerabilities in iOS, which have been exploited in real-world attacks against iPhone users. The company disclosed this information on March 5th in a separate...
According to Group-IB, between January and October 2023, the darknet saw the sale of over 225,000 logs containing compromised user credentials for ChatGPT. These credentials were found in the logs of info-stealers such as...
Nepalese cybersecurity researcher Samip Aryal made history by identifying a vulnerability in Facebook’s password reset system that allowed a malefactor to seize any account without any action from the victim. Aryal’s discovery not only...
In the JetBrains TeamCity On-Premises software, two new security vulnerabilities were identified that could be exploited by malefactors to seize control over the affected systems. The vulnerabilities, assigned the identifiers CVE-2024-27198 with a CVSS...
Trend Micro recently unveiled a new wave of activity by the ransomware group RA World, also known as the RA Group. This group initiated its malicious operations in April 2023 and has, over its tenure,...
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has issued an advisory warning about the known attack methodologies and indicators of compromise utilized by the Phobos ransomware group. This guidance aims...