A South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML Help file.
The U.S. government on Wednesday unsealed criminal charges against five suspected members of the "loosely organized, financially motivated cybercriminal group" Scattered Spider. The suspects have been tied to 45 attacks, disrupting businesses and stealing cryptocurrency worth millions of dollars.
Iranian state hackers are taking a page out of North Korean tactics to entice job seekers into downloading malware, with security researchers spotting a Tehran campaign directed against the aerospace industry. It's possible that Pyongyang shared its attack methods and tools.
Android Spynote malware is masquerading as antivirus software to exploit Android processes to infiltrate devices, seize control and steal sensitive information from unsuspecting users. A report from Cyfirma shows the malware disguising itself as "Avast Mobile Security" in a recent campaign.
Canadian authorities arrested a suspected extortionist tied to the hacking theft of terabytes of data from clients of cloud-based data warehousing platform Snowflake. Charges against the suspect, Alexander Moucka, aka Connor Moucka, have yet to be publicly detailed.
Governments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.
A Colorado-based pathology laboratory is notifying more than 1.8 million patients that their sensitive information was compromised in an April hack, one of the largest breaches reported by a medical testing lab to U.S. federal regulators to date. Ransomware gang Medusa is blamed for the attack.
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.
Despite heavy security investments, banks still struggle with basic security issues such as default passwords, vendor vulnerabilities and social engineering scams. Scott Weinberg, CEO of Neovera, shares a new report that shows banks of all sizes still grapple with these common risks.
A critical vulnerability in Open Policy Agent could expose NTLM credentials from Windows systems, potentially affecting millions of users. Researchers at Tenable warn that attackers could exploit the flaw through social engineering. Users must update to version v0.68.0 immediately to mitigate risks.
Cybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.
Sri Lankan authorities have arrested more than 200 Chinese nationals who they say overstayed their visitor visas and engaged in large-scale financial scam operations targeting victims across Asia. The Chinese Embassy in Colombo says it supports the law enforcement crackdown.
Human Security's recent $50 million growth funding, led by WestCap, will drive the development of click-fraud defense and enhance advertising integrity solutions. CEO Stu Solomon aims to leverage the funding for scaling the engineering and data science teams, addressing emerging fraud threats.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have issued new guidance to help U.S. political campaigns defend against increasing cyber threats from Iran, recommending stronger multifactor authentication, phishing-resistant protocols and vigilance against social...
Ransomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which surveyed 5,000 IT leaders across 15 sectors and 14 countries between January and February.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.