14 Oct 2019

Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics

Iranian state-backed hacking group APT 25 (also known as Charming Kitten, Phosphorus, Ajax Security Team, NewsBeef and Newscaster) has updated its attack techniques to carry out a spearphishing campaign targeting US President Donald Trump’s re-election campaign, according to recent research [pdf] by ClearSky Cyber Security. The report states that the new attack

11 Oct 2019

Imperva blames data breach on stolen AWS API key

Last month, cybersecurity firm Imperva announced that the data of a “subset of customers” of Imperva’s Cloud Web Application Firewall was exposed in a “security incident” in September 2017. This week, the company published an analysis of the breach, which shows that the incident was made possible by the company

11 Oct 2019

Escort forums in Italy and the Netherlands hacked, user data put up for sale

Two European web forums serving sex workers and their customers have been breached by a Bulgarian threat actor who is now selling 330,000 stolen user records on underground marketplaces. The hacker, who uses the moniker InstaKilla, exploited a recently disclosed critical vulnerability in vBulletin in order to steal 300,000 records

08 Oct 2019

Muhstik Ransomware Victim Hacks Back, Releases Decryption Keys

A cybercrime victim whose QNAP network-attached storage (NAS) device was recently infected with Muhstik ransomware decided to try to hack back the attackers, which was a rather successful effort: the victim managed to obtain nearly 3,000 decryption keys for Muhstik ransomware victims, which he released for free. Muhstik ransomware has

07 Oct 2019

Iran Caught Targeting US Presidential Campaign Accounts

Iranian hackers recently targeted a US presidential campaign as well as various government officials (including former officials) and journalists, an investigation by Microsoft found. Between August and September of this year, a total of 241 user accounts were attacked by the infamous Iranian state-backed hacking group known as APT 25,

07 Oct 2019

‘The Cyberthreat Handbook’ Released, Documents ‘Who’s Who’ of Attackers

A new report by Thales and Verint provides an extensive overview of the major threat groups operating in cyberspace. The study looks at the campaigns of around 60 hacking groups over a one-year period. About 50% of the actors under scrutiny were funded by governments and worked to steal confidential

04 Oct 2019

Cyber-Spy Group Active Since 2013 Now Tied to Chinese State Actor

Researchers with Palo Alto Networks say that a hacking group dubbed “PKPLUG” was responsible for a number of previously unattributed cyber-espionage campaigns targeting people in various Asian countries. PKPLUG has been active since at least 2013 and has targeted individuals in Mongolia, Myanmar, Tibet, Vietnam, Indonesia and Taiwan as well as

04 Oct 2019

New Android Cyberwarfare Attack Exposed—And It’s Hiding A Devious Twist

Earlier this week, the New York Times covered what it referred to as an “attack on Egyptian journalists, academics, lawyers, opposition politicians and human rights activists.” The report was based on recent research by Check Point, which in turn followed a report by Amnesty from March of this year. Check

04 Oct 2019

Update now: WhatsApp bug allows malicious GIF to steal user data

A security researcher using the moniker “Awakened” has uncovered a security flaw in WhatsApp that could make it possible for hackers to steal data from devices running the popular messaging app merely by targeting users with nefarious GIFs. After a malicious image is sent to the victim’s phone, it will

03 Oct 2019

Zendesk announces data breach impacting years-old accounts

Customer service software company Zendesk experienced a data breach in 2016 that impacted around 10,000 corporate customers, the company announced on Wednesday. Zendesk found out about the breach through a third-party and launched an investigation into the matter, which confirmed that the compromised data includes the full names, contact information,
