Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
Chatbot companion platform muah.ai was hacked and had its chatbot prompts stolen.
EXC: Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.
From Perfctl to InfoStealer, Author: Xavier Mertens
It’s the spooky season, and there’s nothing spookier than security patches – at least in my world. Microsoft and Adobe have released their latest patches, and no bones about it, there are some skeletons in those closets. Take a break from your regular activities and join us as we review the details
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.
Ukrainian hackers carried out a cyberattack that took down online broadcasts of Russian state television and radio channels on Monday, according to an official in Kyiv with knowledge of the operation.
#A #Dmitry #Emerging #Europe #Infrastructure #Markets #Media #Peskov #Putin #Radio #Russia #Ukraine #Vladimir #business #cybersecni #cybersecurity #politics #technology
China reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law.
Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit and sold as phishing-as-a-service (PhaaS).
New Gorilla botnet launches over 300,000 DDoS attacks globally, exploiting IoT devices and Apache Hadoop flaws.
Homeland Security Investigations is stopping hacks before they occur.
The City of London Police had put the teenage boy in the suburban Travelodge to protect him. They even set up a code with him and his mom to signal it was safe to open the door: “Lucky lucky.”
Then they grew suspicious.
The teen had a history with the police. It was September 2022, and 17-year-old Arion Kurtaj had been arrested twice earlier that year for his alleged role in a hacking group that stole data and demanded ransoms from some of the world’s biggest tech companies. Kurtaj, who is autistic, was released both times. The second time, that March, he had been let go under the condition that he stay offline.
14 new DrayTek router vulnerabilities, including critical flaws, could allow attackers to take control. Patch now
Perfctl is particularly elusive and persistent malware employing several sophisticated techniques
Eight individuals have been arrested as part of an ongoing international crackdown on cybercrime, dealing a major blow to criminal operations in Côte d’Ivoire and Nigeria.
The arrests were made as part of INTERPOL’s Operation Contender 2.0, an initiative aimed at combating cyber-enabled crimes, primarily in West Africa, through enhanced international intelligence sharing.
Phishing scam targets Swiss citizens
In Côte d’Ivoire authorities dismantled a large-scale phishing scam, thanks to a collaborative effort with Swiss police and INTERPOL.
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which…
The simultaneous actions targeted the Star Blizzard espionage operation, which targeted government and civil society around the world.
Sixteen individuals who were part of Evil Corp, once believed to be the most significant cybercrime threat in the world, have been sanctioned in the UK, with their links to the Russian state and other prolific ransomware groups, including LockBit, exposed.
Sanctions have also been imposed by Australia and the US, who have unsealed an indictment against a key member of the group.
Jesse Kipf was a prolific hacker who sold access to systems he hacked, had contacts with a notorious cybercrime gang, and tried to use his hacking skills to get off the grid for good.
AT&T and Verizon are among the broadband providers that were breached
