22 May 2020

Veterans Affairs Launches First Chatbot to Field COVID-19 Questions

Recently, the Veterans Affairs Department launched a chatbot that aims to provide veterans and their caregivers with answers regarding the COVID-19 pandemic. The chatbot was developed in less than a month through the Microsoft Healthcare Bot platform. The tool can be accessed 24/7 to assess symptoms related to COVID-19 as

Read More
22 May 2020

Wishbone Breach: 40 Million Records Leaked on Dark Web

Dark web trader ShinyHunters has leaked an alleged 40 million user records stolen from the mobile app Wishbone, stating that they had decided to leak the data for free after individuals started to resell it. Cybersecurity vendor Cyble reported the massive data breach, which marks ongoing tension in the cybercrime

Read More
22 May 2020

Hackers Start Leaking Files Stolen From Shipping Giant Toll

Australian shipping giant Toll was hit by Nefilim ransomware earlier this month, marking its second ransomware attack since January. The hack did not result in data getting stolen, however, files were gathered from a corporate server in the attack. The shipping company refused to pay ransom demands made by the

Read More
22 May 2020

Hackers Can Target Rockwell Industrial Software With Malicious EDS Files

Two vulnerabilities found by cybersecurity firm Claroty have been patched recently by Rockwell Automation. The flaws are related to Electronic Data Sheet (EDS) files and can allow for malicious actors to expand access within a target’s OT network. Earlier this week, advisories for the vulnerabilities were published by Rockwell and

Read More
21 May 2020

Crooks Tap Google Firebase in Fresh Phishing Tactic

Researchers have uncovered a new series of phishing campaigns that use Google Firebase storage URLs, stating that the threat actors are leveraging the reputation of cloud infrastructure created by Google to lure victims. The phishing campaign begins with spam emails that prompt victims to click on a Firebase link inside

Read More
21 May 2020

New PipeMon malware uses Windows print processors for persistence

The Winnti hacking group has targeted video game companies again in a new campaign that utilizes recent malware called PipeMon, a modular backdoor that was identified earlier this year. PipeMon was discovered on servers belonging to video game developers of games that feature multiplayer options (massively multiplayer online) games. The

Read More
21 May 2020

Thousands of Israeli sites defaced with code seeking permission to access users’ webcams

A new threat actor group by the name “Hackers of Savoir” has targeted thousands of Israeli websites, defacing them to display an anti-Israeli message and malicious code that requests access to site visitors’ webcams. Researchers believe that more than 2,000 websites have been defaced by the group during the campaign,

Read More
20 May 2020

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger

A new Android malware family has been identified by security researchers after it was repeatedly spotted in campaigns against Thai targets. According to researchers, the malware family, dubbed WolfRAT, targets popular messaging apps to gather intelligence. WhatsApp and Facebook Messenger are among those utilized by the malware operators, who are

Read More
20 May 2020

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices

According to security researchers, unpatched security bugs remain in Bluetooth chips from companies like Apple, Intel, Qualcomm, Samsung, and others, allowing for Bluetooth Impersonation Attacks (BIAS). Researchers found the vulnerabilities in Bluetooth Classic, allowing attackers to spoof paired devices, posing as a trusted endpoint. This then allows the attackers to

Read More
20 May 2020

Microsoft warns of ‘massive’ phishing attack pushing legit RAT

Microsoft’s Security Intelligence team has recently warned users of a phishing campaign with a COVID-19 theme that installs NetSupport Manager remote, an administration tool. The campaign is spreading the tool through various malicious Excel attachments on emails pretending to be from the Johns Hopkins Center, providing information on the number

Read More