Mexican Hacker Strikes Global Banks with Android Malware: Spanish and Chilean Institutions Main Targets

Between June 2021 and April 2023, a cybercriminal hailing from Mexico has been identified as the mastermind behind a widespread Android mobile malware campaign aimed at financial organizations worldwide. While the primary focus of this operation has been on Spanish and Chilean banks, other...

A United Kingdom citizen involved in a high-profile social media hack in July 2020 has been sentenced to five years in a U.S. prison. Joseph James O'Connor, also known as PlugwalkJoe, received his sentence in the Southern District of New York after pleading guilty to his participation in criminal activities. O'Connor, aged 24, was apprehended in Spain in July 2021.

During the notorious breach...

Between June 2022 and May 2023, an alarming number of over 101,100 compromised OpenAI ChatGPT account credentials surfaced on illicit dark web marketplaces. Shockingly, India alone accounted for 12,632 of these stolen credentials.

Cybersecurity firm Group-IB uncovered the compromised credentials within information stealer logs that were made available for sale on underground cybercrime...

An elaborate cryptocurrency scam, which remained unnoticed until recently, has exploited a network of more than 1,000 fraudulent websites to ensnare unsuspecting victims in a deceptive rewards scheme since January 2021.

According to a recent report by Trend Micro researchers, this extensive operation has likely defrauded thousands of individuals worldwide. The scam has been attributed to a...

Google has discovered a serious problem in its Chrome web browser that hackers are actively using to attack computers. They have quickly taken steps to fix the issue. The problem is known as CVE-2023-3079 and it affects the way Chrome handles certain types of computer code. The company found out about this issue thanks to Clement Lecigne, who works in their security team.

This vulnerability...

Researchers have uncovered an inexpensive method that enables the forceful cracking of smartphone fingerprints, enabling unauthorized access and control of the devices. This technique, known as BrutePrint, exploits two previously unknown vulnerabilities in the smartphone fingerprint authentication (SFA) framework to circumvent safeguards against failed biometric authentication attempts.

The...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the ongoing exploitation of a medium-severity vulnerability that affects Samsung devices running Android versions 11, 12, and 13.

Samsung has identified the issue as an information disclosure vulnerability that could potentially be abused by an attacker with elevated privileges to bypass the...

Since approximately mid-2022, cybercriminals have been utilizing a recently developed platform called ‘Greatness’, which operates as a phishing-as-a-service (PhaaS or PaaS) solution. This platform specifically focuses on targeting business users who utilize the Microsoft 365 cloud service. Its introduction has significantly reduced the difficulty of conducting phishing attacks.

Greatness...

At its yearly developer conference, Google I/O, the tech company today introduced a myriad of new privacy, safety, and security features. The latest efforts are designed to safeguard its users from cyber threats, such as phishing attacks and malicious websites while giving them greater authority and visibility over their personal data.

Below is an overview of the recently introduced...

Google has partnered with FIDO Alliance, Apple, and Microsoft to develop passkeys as a simpler and more secure alternative to passwords. Today, passkeys will be available as an additional sign-in option alongside passwords and 2-Step Verification (2SV).

Passkeys are a convenient and secure alternative to passwords, eliminating the need for weak and easily guessable phrases. Users can access...