Infosecurity News
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
The Hacker News
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms
North Korean hackers have unleashed a new Golang malware called "Durian" in targeted attacks against South Korean crypto firms.
The Hacker News
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
APT42, an Iranian state-backed hacking group, is leveling up its social engineering tactics. They're posing as journalists and event organizers to bui
Security Affairs
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
DarkReading
Dropbox Breach Exposes Customer Credentials, Authentication Data
Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.
Security Affairs
Threat actors hacked the Dropbox Sign production environment
Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords
The Cyber Express
Dropbox Reports Breach of Sensitive Authentication Data for its Sign Product
Cloud storage and file sharing company Dropbox disclosed a security breach that resulted in an unauthorized access to sensitive information,
Infosecurity News
Security Breach Exposes Dropbox Sign Users
Attackers accessed emails, usernames, phone numbers, hashed passwords and authentication information
CyberSecurity Dive
Every Dropbox Sign user, account holders or not, stung in cyberattack
An attacker intruded the electronic signature platform’s production environment and accessed a trove of user data, including OAuth tokens.
The Hacker News
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
Dropbox Sign Breached! Unidentified hackers accessed user emails, usernames, and account settings for all Dropbox Sign users.
SecurityWeek
Dropbox Data Breach Impacts Customer Information
Dropbox says hackers breached its Sign production environment and accessed customer email addresses and hashed passwords.
CSO
Dropbox Sign hack exposed user data, raises security concerns for e-sign industry
The names and email addresses of those customers were also exposed who had never created an account with Dropbox Sign but had “received or signed a document through Dropbox Sign.”
Cyber Security News
Dropbox Sign Hacked: Attackers Stolen API Keys, MFA, & Hashed Passwords
Dropbox disclosed a significant security breach affecting its electronic signature service, Dropbox Sign (formerly known as HelloSign).
SC Magazine
Attackers steal API keys, OAuth tokens, in Dropbox Sign breach
Security pros see the Dropbox Sign breach as not just a blow to Dropbox, but a really bad day for electronic signatures.
Bleeping Computer
DropBox says hackers stole customer data, auth secrets from eSignature service
Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information.
The Record
Dropbox says hacker accessed passwords, authentication info during breach
The company told federal regulators that it discovered unauthorized access to the production environment of its Dropbox Sign product.
Trend Micro
Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan
In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan.
Security Affairs
FIN7 targeted a large U.S. carmaker phishing attacks
BlackBerry reported that financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks.
The Hacker News
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
FIN7, a notorious cybercrime group, is targeting the U.S. automotive industry with spear-phishing attacks.
Bleeping Computer
FIN7 targets American automaker’s IT staff in phishing attacks
The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.
Infosecurity News
Microsoft Most Impersonated Brand in Phishing Scams
New Check Point data found Microsoft was impersonated in 38% of all brand phishing attacks in Q1 2024, up from 33% in Q4 2024
Cyber Security News
Hackers Weaponize Suspended Domains To Deliver Malware Payload
A recent phishing campaign targeting Latin America utilized emails with ZIP attachments containing an HTML file disguised as an invoice using
The Hacker News
Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme
Latin America targeted in new phishing attack. Emails contain malicious HTML files disguised as invoices.
Bleeping Computer
Fake Facebook MidJourney AI page promoted malware to 1.2 million people
Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware.
SC Magazine
Bing ad posing as NordVPN aims to spread SecTopRAT malware
The remote access trojan creates a second hidden desktop to control the victim’s browser.
SC Magazine
AT&T confirms theft of 73M records, 7.6M current customers affected
The company reset passcodes and acknowledged the years-old leak for the first time Saturday.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
cybersecurity news will keep you posted on the latest developments, exposures, advances, occurrences, threats, and narratives in this field.
The Hacker News
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Researchers at Palo Alto Networks Unit 42 uncover a new wave of phishing attacks delivering StrelaStealer malware, impacting over 100 organizations in
The Hacker News
Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks
Cybercriminals are now using digital document publishing sites like FlipSnack, Issuu, and Marq for phishing and credential theft.
The Hacker News
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
New phishing attacks target US organizations. Hackers use NetSupport RAT to steal data & control computers.
DarkReading
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
Kimsuky-attributed campaign uses eight steps to compromise systems — from initial execution to downloading additional code from Dropbox, and executing code to establish stealth and persistence.
DarkReading
ML Model Repositories: The Next Big Supply Chain Attack Target
Machine-learning platforms like Hugging Face are suspectible to the same kind of attacks that threat actors have executed successfully for years via npm, PyPI, and other open source repos.
The Hacker News
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
New cyberattack campaign, DEEP#GOSU, uses PowerShell & VBScript to target Windows systems.
.webp)
Cyber Security News
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
With our weekly cybersecurity news summary, explore and learn about the most recent developments in the cybersecurity field.
Infosecurity News
Meta Sues Former VP After Defection to AI Startup
Meta is suing one of its former executives for stealing sensitive documents before leaving the company
The Hacker News
Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub
A new phishing campaign uses a Java-based downloader to distribute VCURMS & STRRAT RATs, leveraging public services like AWS & GitHub for malware host
.webp)
Cyber Security News
Hackers Abuse Dropbox In Phishing Attack To Steal Logins
Darktrace, a leading AI-powered threat detection company identified a sophisticated phishing attempt targeting one of its customers in
HACKRead
Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins
Darktrace is warning users about a new phishing and malspam campaign targeting customers of SaaS platforms by exploiting Dropbox emails.
Infosecurity News
Dropbox Used to Steal Credentials and Bypass MFA in Phishing Campaign
Darktrace reveals a novel phishing campaign where attackers leveraged legitimate Dropbox infrastructure to steal credentials before bypassing MFA
CSO
Data breaches caused by insiders can cost you over $15 million
Cybersecurity skills gaps, ambiguous data regulation, and a distributed workforce are all adding to increased insider-driven incidents.
Infosecurity News
US Government Warns Healthcare is Biggest Target for BlackCat Affiliat
The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare
DarkReading
Mexico's 'Timbre Stealer' Campaign Targets Manufacturing
A new infostealer spreading to organizations across Mexico heralds 2024's fresh season of tax-themed phishing attacks.
The Cyber Express
Newly Emerged JKwerlo Ransomware Targets Victims in France and Spain
A newly discovered ransomware dubbed JKwerlo has emerged in European markets, aiming at unsuspecting victims in France and Spain. Cyble
Bleeping Computer
Save $125 on a second private phone number with Hushed
Protecting your phone number helps you guard your digital privacy. This lifetime subscription to Hushed lets you split public and private for $24.99, $125 off the $150 MSRP.
Cyber Security News
Google's Open-source Tool Bazel Flaw Let Attackers Insert Malicious Code
Bazel, an open-source software used for automation of building and testing has been discovered with a critical supply chain vulnerability.
Security Affairs
The 'Mother of all Breaches': Navigating the Aftermath and Fortifying Your Data with DSPM
What is Data Security Posture Management (DSPM) and how can mitigate the risks of data leaks such as the 'Mother of all Breaches.'
SC Magazine
Google supply chain bug patched in code-testing tool Bazel
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
Infosecurity News
Google’s Bazel Exposed to Command Injection Threat
Cycode stressed securing software supply chains amid complex dependencies and third-party actions
Cyber Security News
10 Best GDPR Compliance Security Companies - 2024
Best GDPR Compliance Security Companies : 1. Perimeter 81 2. LogicGate 3. Egnyte 4. Exterro 5. Transcend 6. StandardFusion 7. SolarWinds
Security Affairs
Historic data leak reveals 26 billion records: check what's exposed
Cybersecurity researcher Bob Dyachenko and CyberNews researchers discovered the largest data leak ever discovered.
CyberNews
Mother of all breaches reveals 26 billion records: what we know so far
The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost certainly the largest ever discovered.
The Hacker News
Threat Actors Increasingly Abusing GitHub for Malicious Purposes
Cybercriminals are increasingly using GitHub for malicious activities like payload delivery and command-and-control operations.
The Hacker News
5 Ways to Reduce SaaS Security Risks
80% of breaches involve compromised identities. Discover how Nudge Security offers practical SaaS security solutions to safeguard your data.
The Record
Kazakhstan to extradite Russian cyber expert to Moscow despite US requests
Nikita Kislitsin will face hacking and extortion charges in his home country, according to Moscow’s Prosecutor General’s Office.
The Hacker News
Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts
PyPI packages masquerading as network proxy libraries were found to contain malicious code.
The Hacker News
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk
Cyber Security News
PikaBot Attacking Windows Machine via Malicious Search Ads
At the forefront of this digital onslaught is the insidious PikaBot, a malware variant that ingeniously exploits the expansive reach of Google Ads.
Bleeping Computer
Back up anything with $169 off the Offcloud cloud storage
While we may joke that the internet is forever, it can often be anything but. This lifetime subscription to Offcloud helps you keep what matters for $39.99, $169 off the $209 MSRP.
The Hacker News
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Russian SVR-linked APT29 targets unpatched JetBrains TeamCity servers using CVE-2023-42793, a vulnerability enabling remote code execution by unauthen
Ars Technica
Dropbox spooks users by sending data to OpenAI for AI search features
Feature turned on by default bothers users who like to keep their files private
DarkReading
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy
Cyber mimics life, as Iran uses Lebanese hackers to attack its bête noire.
Computerworld
Unused Gmail accounts head to the chopping block
Google is about to go on a purge for security purposes — save your old account by signing in by December 1.
Ars Technica
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
Chipmaker claims breach had no "material adverse effect."
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
SecurityWeek
Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges
Interview with Craig Martell, Chief Digital and AI Officer (CDAO) for the U.S. Department of Defense, about AI use in the military.
The Hacker News
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
The Hacker News
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
Beware of fake Python libraries! 27 malicious packages found on PyPI, disguised as legitimate ones.
Ars Technica
Developers can’t seem to stop exposing credentials in publicly accessible code
Many transgressions come from "very large companies that have robust security teams."
CyberNews
Pro-Hamas cybergang develops complex infection tactics with new downloader
A threat actor targeting West Asian governments now uses a labyrinthine infection chain based on delivering a new initial access downloader dubbed IronWind
Infosecurity News
Pro-Palestine APT Group Uses Novel Downloader in New Campaign
TA402 launches new targeted phishing campaigns
The Hacker News
New Campaign Targets Middle East Governments with IronWind Malware
Government entities in the Middle East are under attack by a new phishing campaign employing the IronWind downloader.
Cyber Security News
11 Best Cloud Access Security Broker Software (CASB) - 2023
Best Cloud Access Security Broker (CASB) Software: 1. DoControl CASB 2. Microsoft Cloud App Security 3. Forcepoint 4. Palo Alto Networks.
Bleeping Computer
Fake Corsair job offers on LinkedIn push DarkGate malware
A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
DarkReading
Patch Now: APTs Continue to Pummel WinRAR Bug
State-sponsored cyberespionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.
The Hacker News
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
Google TAG security experts uncover Russian and Chinese state-backed threat actors exploiting WinRAR vulnerability (CVE-2023-38831)
The Record
Russia and China-linked hackers exploit WinRAR bug
Hackers connected to the governments of Russia and China are allegedly using a vulnerability in a popular Windows tool to attack targets around the world, including in Ukraine and Papua New Guinea.
Cyber Security News
EtherHiding: A Novel Technique to Hide Malicious Code Using Binance's Smart Chain
“EtherHiding” which abuses Binance's Smart Chain (BSC) contracts to host parts of a malicious code chain to hide them inside the blockchain.
The Hacker News
Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
Malicious actors are using Binance's Smart Chain (BSC) contracts to host malicious code and serve it on compromised WordPress
Bleeping Computer
Hackers use Binance Smart Chain contracts to store malicious scripts
Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain (BSC) contracts to hide malicious scripts in the blockchain.
The Hacker News
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
Kaspersky sheds light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.
The Hacker News
Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms
A new phishing campaign is on the rise, targeting U.S. organizations. Cybercriminals use EvilProxy to hijack accounts.
DarkReading
Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials
Thousands of messages are being sent weekly in a campaign that uses links hosted on legitimate websites to evade natural language processing and URL-scanning email protections.
The Hacker News
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
APIs are under attack! Explore the top API security concerns and why healthcare and manufacturing sectors are targeted
Infosecurity News
China-Linked EvilBamboo Targets Mobiles
This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations
The Hacker News
Are You Willing to Pay the High Cost of Compromised Credentials?
Weak passwords = easy targets. 83% of breached passwords meet complexity rules. How can organizations step up their security game? Read more
Trend Micro
Examining the Activities of the Turla APT Group
We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.
The Hacker News
Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign
Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.
The Hacker News
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Cybercriminals are exploiting social media ads on Meta-owned Facebook for malware distribution. With fraudulent ads, they're targeting businesses and
Ars Technica
Hacker gains admin control of Sourcegraph and gives free access to the masses
We've said it before; we'll say it again: Don't put credentials in publicly available code.
Bleeping Computer
Sourcegraph website breached using leaked admin access token
AI-powered coding platform Sourcegraph revealed that its website was breached this week using a site-admin access token accidentally leaked online on July 14th.
SecurityWeek
Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks
A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks, but patch is available
Bleeping Computer
WordPress migration add-on flaw could lead to data breaches
All-in-One WP Migration, a popular data migration plugin for WordPress sites that has 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to access sensitive site information.
Infosecurity News
Flaw Exposes WP Migration Plugin to Hacks
The vulnerable code was identified by the security research team at PatchStack
Bleeping Computer
University of Michigan shuts down network after cyberattack
The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started.
Ars Technica
Too many users abused unlimited Dropbox plans, so they’re getting limits
Some people have taken "as much space as you need" too literally.
DarkReading
Attackers Dangle AI-Based Facebook Ad Lures to Hijack Business Accounts
The offending ads and pages leveraged interest in AI to spread a malicious credential-stealing browser extension.
Bleeping Computer
The MOVEit hack and what it taught us about application security
When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations. This article from @Outpost24 overviews the Moveit hack and aims to draw some important actionable takeaways for your business.
Trend Micro
Profile Stealers Spread via LLM-themed Facebook Ads
In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials.
Loading more articles....