25 Jan 2023

DragonSpark Hackers Evade Detection With SparkRAT and Golang

SentinelLabs recently attributed a new string of attacks targeting East Asian organizations to a threat actor referred to as DragonSpark. SentinelLabs stated that the campaign leverages a rare open-source SparkRAT and malware tools to evade detection through source code interpretation techniques. The techniques are based on the Go programming language.

Read More
24 Jan 2023

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk, a customer service solutions provider, has suffered from a data breach that occurred due to a SMS phishing attack launched against its employees. At least one employee fell for the phishing attack, enabling the attackers to steal the employee’s credentials. Last week, cryptocurrency trading and portfolio management company Coinigy

Read More
24 Jan 2023

Most Federal Agencies Ignored GAO’s Cybersecurity Recommendations

The US Government Accountability Office (GAO) released a report last Thursday highlighting federal agencies’ failure to implement cybersecurity recommendations. The GAO found that 60% of the cybersecurity recommendations made by the office since 2010 have not been implemented. The GAO stated that the failure to follow the recommendations results in

Read More
24 Jan 2023

FBI Confirms North Korean Hackers Behind $100 Million Horizon Bridge Heist

The FBI has announced that it confirmed a link between North Korean hackers and the $100 million Horizon Bridge Heist that occurred in June 2022. Horizon bridge is a platform designed to enable cryptocurrency holders to transfer assets between networks such as the Ethereum Network, Binance Chain, Bitcoin, and Harmony’s

Read More
24 Jan 2023

A Major App Flaw Exposed the Data of Millions of Indian Students

An app operated by India’s Education ministry contained a security lapse that resulted in the exposure of personally identifying information belonging to millions of students and teachers. The information was exposed for over a year, the ministry confirmed. The app in question is the Digital Infrastructure for Knowledge Sharing app,

Read More
20 Jan 2023

CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop

CircleCI has confirmed that a data breach that impacted the integration and delivery platform was the result of an infostealer deployed to an employee’s laptop. The breach occurred on January 4, 2023 and the company identified the incident after detecting the presence of an unauthorized third party. The information stealer

Read More
16 Jan 2023

Euro Police Bust Multimillion-Dollar Crypto Fraud Gang

European law enforcement agencies collaborated to take down a multimillion dollar cryptocurrency fraud group, making multiple arrests last week. The operation was coordinated by Europol and targeted individuals associated with a large scale cryptocurrency investment fraud scheme. Those arrested include 14 individuals in Serbia and one in Germany, as well

Read More
16 Jan 2023

Illegal Crypto Transaction Volumes Hit All-Time High

According to recent reporting by blockchain analysis company Chainalysis, over $20 billion worth of illegal transactions were conducted using cryptocurrency last year. The record numbers are expected to get even higher as more illicit activity is uncovered by security research teams. Chainalysis works with law enforcement agencies and the government

Read More
16 Jan 2023

Russian Turla Cyberspies Leveraged Other Hackers’ USB-Delivered Malware

Russian state-sponsored threat actor Turla has been identified leveraging Andromeda malware to attack Ukrainian organizations. The malware was likely deployed by other hackers through an infected USB drive. Mandiant detailed the attack in a recent report, stating that the attack was conducted in September 2022. Turla has been active since

Read More
16 Jan 2023

Millions of Insurance Customers Compromised Via Supplier

Aflac and Zurich have confirmed that millions of customers located in Japan were impacted after a third-party contractor used by both of the insurance multi-nationals was breached. Customer details were allegedly put up for sale after the incident. Although the breached supplier has not been named, Japanese media outlets claim

Read More