Have some tips? Write it down and share it to your friends!
Click Login Now button to start!
News
Cyber Security Related News
Cybersecurity experts are warning about North Korean hackers trying to target potential victims on LinkedIn with malware called RustDoor.
According to Jamf Threat Labs, they discovered an attack where a user was approached on LinkedIn by someone pretending to be a recruiter for a legitimate decentralized cryptocurrency exchange called STON.fi.
This attack is part of a broader strategy by North Korean cybercriminals aiming to breach networks by pretending to conduct job...
September 18, 2024 19:54 (1 week, 3 days ago) | 0 | 1 minute read
Two men have been indicted in the U.S. for allegedly running WWH Club, a dark web marketplace specializing in sensitive personal and financial information. Alex Khodyrev, 35, from Kazakhstan, and Pavel Kublitskii, 37, from Russia, face charges of conspiracy to commit access device fraud and wire fraud.
From 2014 to 2024, Khodyrev and Kublitskii are accused of managing WWH Club and its associated sites, including wwh-club[.]ws, wwh-club[.]net, and skynetzone[.]org. These sites served...
September 11, 2024 20:11 (2 weeks, 2 days ago) | 0 | 1 minute read
North Korean hackers have used a fake Windows video conferencing app that pretends to be FreeConference.com to secretly access developers' systems. This is part of an ongoing campaign called Contagious Interview, which is financially motivated.
In August 2024, the Singaporean company Group-IB discovered this new attack. It shows that these hackers are also using installers for both Windows and Apple macOS to spread malware.
Contagious Interview, also known as DEV#POPPER, is a...
September 4, 2024 23:30 (3 weeks, 2 days ago) | 0 | 1 minute read
A new cyber threat has emerged, connected to the RansomHub ransomware, designed to shut down security software on infected computers. Named EDRKillShifter by the cybersecurity company Sophos, this tool joins other similar programs that disable security measures.
Sophos discovered EDRKillShifter during a failed ransomware attack in May 2024. This tool acts as a delivery system for vulnerable drivers, which can be misused to bypass security protections. Security expert Andreas...
August 21, 2024 19:50 (on 8/21/24) | 2 | 1 minute read
A new phishing campaign is exploiting Google Drawings and WhatsApp’s shortened links to deceive users and steal sensitive data. Cybersecurity researchers, including Menlo Security's Ashwin Vamshi, revealed that attackers are using these trusted platforms to craft fake Amazon account verification pages.
The scheme begins with a phishing email directing users to a Google Drawings graphic containing a link to a fake Amazon login page. This page, obscured by multiple URL shorteners,...
August 14, 2024 20:46 (on 8/15/24) | 0 | 1 minute read
Facebook users are being targeted by a scam involving a network of fake websites designed to steal personal and financial information. Identified by Recorded Future’s Payment Fraud Intelligence team on April 17, 2024, this scam, named ERIAKOS, uses the content delivery network oss.eriakos[.]com. The fraudulent sites are only accessible through mobile devices and misleading ads, making them harder for automated systems to detect. The network includes 608 fake websites and operates in short,...
August 7, 2024 20:00 (on 8/8/24) | 0 | 1 minute read
Singapore's retail banking sector has been given a three-month deadline to eliminate the use of one-time passwords (OTPs) for online account authentication, according to a joint announcement by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) on July 9, 2024.
To combat the growing threat of phishing attacks, banks will transition to using digital tokens for customer logins. The MAS stated, "Customers who have activated their digital...
July 31, 2024 22:33 (on 8/1/24) | 0 | 1 minute read
Apple has issued a firmware update for AirPods addressing a security flaw that could potentially allow unauthorized access to the headphones. Identified as CVE-2024-27867, the vulnerability impacts various models including AirPods (2nd generation and later), AirPods Pro, AirPods Max, Powerbeats Pro, and Beats Fit Pro.
According to Apple's advisory released on Tuesday, the issue involves an authentication weakness during...
July 24, 2024 21:12 (on 7/25/24) | 0 | 1 minute read
An investigation into malware logs on hidden internet platforms revealed thousands of users accessing illegal images of children. This discovery underscores how such data can aid in combating serious crimes. Recorded Future reported finding about 3,300 users with accounts on websites known for these images, and 4.2% had credentials for multiple sites, suggesting involvement in criminal activities. Recently, easily accessible software designed to steal sensitive information like passwords,...
July 18, 2024 23:50 (on 7/19/24) | 1 | 1 minute read
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have issued a warning about a China-linked hacking group called APT40. This group can exploit new security flaws very quickly, sometimes within hours or days of their discovery.
APT40 has targeted organizations in various countries, including Australia and the U.S. They are known for quickly adapting and using proof-of-concept vulnerabilities for attacks. This group, also...
July 10, 2024 21:01 (on 7/11/24) | 1 | 2 minutes read