Have some tips? Write it down and share it to your friends!
Click Login Now button to start!
News
Cyber Security Related News
Cybercriminals are using a new method called Ghost Tap to steal money from victims' accounts on a large scale. This technique relies on near-field communication (NFC) technology and allows thieves to steal funds from stolen credit cards linked to mobile payment services like Google Pay and Apple Pay.
ThreatFabric, a Dutch security company, explained to The Hacker News that criminals can use Google Pay or Apple Pay to transmit payment information anywhere in the world within seconds....
November 20, 2024 19:24 (4 days, 18 hours ago) | 0 | 1 minute read
A new phishing tool called GoIssue is being used to target GitHub users with fake emails designed to steal login details. The tool, created by a hacker known as cyberdluffy, collects email addresses from public GitHub profiles and sends mass emails that look legitimate, tricking users into sharing their personal information or giving access to their code. Priced as low as $150, GoIssue allows attackers to reach many people at once, increasing the chances of success.
In some cases,...
November 13, 2024 22:09 (1 week, 4 days ago) | 0 | 1 minute read
A new strain of Android banking malware called ToxicPanda has infected over 1,500 Android devices, enabling cybercriminals to carry out fraudulent banking transactions.
According to researchers Michele Roviello, Alessandro Strino, and Federico Valentini from Cleafy, the main goal of ToxicPanda is to steal money by taking over bank accounts on compromised devices. This is done using a method known as on-device fraud (ODF), where the malware bypasses...
November 6, 2024 19:32 (2 weeks, 4 days ago) | 0 | 1 minute read
Recent reports indicate that North Korean hackers known as Jumpy Pisces have teamed up with the Play ransomware group between May and September 2024. This is notable as it marks the first collaboration between a state-sponsored group from North Korea and a ransomware network.
Jumpy Pisces, associated with North Korea’s Reconnaissance General Bureau, has previously used other ransomware strains. In August, three U.S. organizations were targeted by the group, but no ransomware was...
October 30, 2024 19:58 (3 weeks, 5 days ago) | 1 | 1 minute read
Hackers are trying to misuse the open-source EDRSilencer tool to interfere with endpoint detection and response (EDR) systems and hide their malicious activities.
Trend Micro has reported that these hackers are attempting to use EDRSilencer in their attacks to avoid being detected.
EDRSilencer, which is based on the NightHawk FireBlock tool from MDSec, is meant to block outgoing traffic from EDR processes using the Windows Filtering Platform (WFP).
It can stop various...
October 16, 2024 20:10 (on 10/17/24) | 0 | 1 minute read
Google is launching a new pilot program in India to automatically block the sideloading of potentially harmful Android apps from third-party sources, following similar tests in Singapore, Thailand, and Brazil. The feature aims to protect users from apps that request sensitive permissions often exploited for financial fraud, such as accessing SMS messages or using accessibility services for malicious activities.
The initiative will start next month and will be gradually rolled out...
October 9, 2024 19:43 (on 10/9/24) | 0 | 1 minute read
A large fraud scheme has been uncovered, involving fake trading apps on the Apple App Store and Google Play Store, along with phishing websites. This was reported by Group-IB.
This scam is part of a consumer investment fraud scheme known as "pig butchering." In this scheme, scammers trick people into investing in cryptocurrency or other financial products after gaining their trust, often pretending to be romantic partners or investment advisors.
These deceptive tactics usually...
October 2, 2024 19:39 (on 10/2/24) | 0 | 1 minute read
Cybersecurity experts are warning about North Korean hackers trying to target potential victims on LinkedIn with malware called RustDoor.
According to Jamf Threat Labs, they discovered an attack where a user was approached on LinkedIn by someone pretending to be a recruiter for a legitimate decentralized cryptocurrency exchange called STON.fi.
This attack is part of a broader strategy by North Korean cybercriminals aiming to breach networks by pretending to conduct job...
September 18, 2024 19:54 (on 9/18/24) | 0 | 1 minute read
Two men have been indicted in the U.S. for allegedly running WWH Club, a dark web marketplace specializing in sensitive personal and financial information. Alex Khodyrev, 35, from Kazakhstan, and Pavel Kublitskii, 37, from Russia, face charges of conspiracy to commit access device fraud and wire fraud.
From 2014 to 2024, Khodyrev and Kublitskii are accused of managing WWH Club and its associated sites, including wwh-club[.]ws, wwh-club[.]net, and skynetzone[.]org. These sites served...
September 11, 2024 20:11 (on 9/12/24) | 0 | 1 minute read
North Korean hackers have used a fake Windows video conferencing app that pretends to be FreeConference.com to secretly access developers' systems. This is part of an ongoing campaign called Contagious Interview, which is financially motivated.
In August 2024, the Singaporean company Group-IB discovered this new attack. It shows that these hackers are also using installers for both Windows and Apple macOS to spread malware.
Contagious Interview, also known as DEV#POPPER, is a...
September 4, 2024 23:30 (on 9/5/24) | 0 | 1 minute read