#cybersecurity

Hackers Breach Online Stores, Steal Data

A new malware campaign targeting Magento-based online stores has surfaced, with cybercriminals injecting digital skimmers to steal credit card details. These skimmers capture information like card numbers, expiration dates, and CVV codes during the checkout process. The attackers exploited a common vulnerability across hundreds of stores, resulting in over a …


Everest Ransomware Targets US Healthcare

The Everest ransomware group, a Russian-speaking threat actor, has intensified its focus on the U.S. healthcare sector. This group, active since 2020, recently claimed responsibility for attacks on medical care providers in New York and Nevada, stealing sensitive patient and doctor information. Everest’s activities include ransomware operations and selling unauthorized …


Threat Actors Exploit Slack Search Ads

A recent malvertising campaign has targeted Slack users by leveraging Google’s ad platform. The attackers created a fake ad that initially appeared legitimate, redirecting users to Slack’s official site. However, after days of inactivity, the ad began directing users to a fraudulent website designed to mimic Slack and deliver malware. …


Steam Platform Used in Cyberattack

Cybercriminals are exploiting the Steam gaming platform to host command and control (C2) domains by using Steam user accounts. This allows malware to fetch details for establishing a destination for C2 or data exfiltration. A recent investigation revealed a threat actor hiding their C2 domains with a substitution cipher, which, …


RansomHub Uses EDR-Killing Tool

Sophos researchers recently analyzed a ransomware attack by RansomHub, uncovering a new tool that disables Endpoint Detection and Response (EDR) systems. They named this tool EDRKillShifter, which allows attackers to disable EDR agents before launching further attacks. John Bambenek, President of Bambenek Consulting, noted that while RansomHub currently uses this …


Cloud Misconfigurations Threaten 110,000 Domains

Security researchers at Palo Alto Networks uncovered a large-scale extortion campaign exploiting misconfigured cloud environments. Attackers targeted over 110,000 domains by accessing exposed .env files, which contained sensitive information like AWS IAM keys, SaaS API keys, and database logins. These misconfigurations allowed attackers to infiltrate cloud environments, exfiltrate data, and …


Ransomware Extortion Reaches New Heights in 2024

The first half of 2024 saw ransomware gangs extort over $459 million from victims, marking a sharp increase and setting the stage for a record-breaking year. A report from blockchain research firm Chainalysis reveals that the median ransom demanded by the most dangerous ransomware groups surged from $198,939 in early …


Troy Hunt – on the SSN Data Breach

There were no email addresses in the social security number files. If you find yourself in this data breach via HIBP, there’s no evidence your SSN was leaked, and if you’re in the same boat as me, the data next to your record may not even be correct.

Deep-Live-Cam: The Rise of Digital Doppelgangers

The recent emergence of Deep-Live-Cam has sparked significant concern in the cybersecurity community as it allows users to impersonate individuals in real-time video chats using just a single photo. The software, which has gained viral attention, demonstrates the rapid advancement of face-swapping technology, making it accessible for malicious actors. As …


Carbon Black Giant Hit by BEC Scam

Orion, a leading supplier of carbon black, recently lost $60 million in a business email compromise (BEC) scam. Cybercriminals tricked a non-executive employee into making multiple wire transfers to their accounts. This incident highlights the growing threat of BEC attacks, where scammers often impersonate executives or manipulate employees to authorize …
