May 3, 2024   03:16 PM   1 The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC policies to send spoofed emails which appear to come from credible sources such as journalists, academics, and other experts...

May 4, 2024   10:17 AM   0 The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. APT42 was first documented by Mandiant in September 2022, who reported that the threat actors were active since 2015, having carried out at least 30 operations in 14 countries. The espionage group,...

May 1, 2024   01:35 PM   1 Image: Coolcaesar (CC BY-SA 4.0) Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of associates. Panda Express is the largest Chinese fast food chain in the United States, with over $3 billion in sales and 47,000 associates working in 2,300...

May 1, 2024   09:00 AM   0 A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. Lumen Technologies' Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while bypassing security measures that detect unusual...

April 23, 2024   12:56 PM   0 The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. The police discovered several instances of successful breaches of defense companies in South Korea involving the hacking groups Lazarus, Andariel, and Kimsuky, all part of the North Korean hacking apparatus. According to the announcement, the...

April 24, 2024   10:31 AM   0 The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections. The action is part of a settlement following a complaint from May 2023 alleging that Ring failed to implement adequate security measures to protect the devices...

April 24, 2024   01:07 PM   0 ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. The hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 2023 in a cyber-espionage campaign tracked as...

April 16, 2024   02:36 PM   0 Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as root via command injection in low-complexity attacks on vulnerable PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls if the device telemetry and GlobalProtect (gateway or portal)...

April 16, 2024   07:01 PM   0 Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. The targeted employees have shared screenshots of messages offering $300 to those willing to aid the senders in their criminal endeavors. According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the...

April 13, 2024   10:00 AM   0 Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. Data breach monitoring service HaveIBeenPwned has added the leaked database to its website to make it easy for users to check if their information was compromised. The...

April 13, 2024   10:17 AM   0 A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive." Firebird/Hive aren't among the most widely recognized and deployed RATs out there, but they could still have impacted users' securitys worldwide. Firebird used to...

April 11, 2024   06:00 PM   0 LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. However, while 25% of people have been on the receiving end of an AI voice impersonation scam or know someone who has, according to a recent global study, the LastPass employee didn't fall for it because the attacker used WhatsApp,...

April 12, 2024   11:05 AM   0 Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. The company said the attackers used login information stolen from other online platforms to breach as many active Roku accounts as possible in credential stuffing attacks. In such attacks, the threat actors leverage automated tools to attempt millions of logins using a...

April 11, 2024   10:16 AM   1 Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device. In a sample notification the company shared with BleepingComputer, Apple says that it has high confidence in the warning and urges the recipient to take seriously. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone...

April 10, 2024   07:00 AM   0 Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The attackers create GitHub repositories with names that have a higher chance of ranking well in search results and use various methods to artificially boost their popularity and visibility on the platform. Users downloading files...