#Infosec

Steam Platform Used in Cyberattack

Cybercriminals are exploiting the Steam gaming platform to host command and control (C2) domains by using Steam user accounts. This allows malware to fetch details for establishing a destination for C2 or data exfiltration. A recent investigation revealed a threat actor hiding their C2 domains with a substitution cipher, which, …

Read More

Ransomware Surge Despite Global Efforts

Ransomware attacks surged in the first half of 2024, with Rapid7 reporting more than 2,570 incidents—an average of 14 attacks per day. The number of criminal groups has expanded, increasing pressure on victims, as 68 groups posted 2,611 data leaks, a 23% rise from last year. Despite law enforcement efforts, …

Read More

3 Billion Personal data Breached

Jerico Pictures Inc., operating as National Public Data, exposed nearly 3 billion personal records in an April data breach. On April 8, the cybercriminal group USDoD listed the “National Public Data” database for sale on a dark web forum, demanding $3.5 million. The breach, one of the largest ever, includes …

Read More

Hackers Hijack Updates to Deploy Malware

Chinese hacking group StormBamboo compromised an internet service provider (ISP) to deliver malware through poisoned software updates. The hacker group, active for over a decade, targeted organizations across Asia and beyond. They exploited insecure HTTP update mechanisms that lacked digital signature validation. By intercepting DNS requests, they injected malicious IP …

Read More

Phishing Targets OneDrive Users Globally

A sophisticated phishing campaign is targeting Microsoft OneDrive users, aiming to trick them into executing a malicious PowerShell script. The attack begins with an email containing an .html file that simulates a OneDrive error page. The fake page urges users to fix a DNS issue by following specific steps. If …

Read More

PowerShell Backdoor Threat Found

Walmart’s Cyber Intelligence Team has discovered an unknown PowerShell backdoor linked to a new variant of the Zloader/SilentNight malware. This sophisticated backdoor provides threat actors with access to systems for reconnaissance and deployment of additional malware. It employs advanced obfuscation techniques, making detection challenging. The backdoor’s discovery highlights a broader …

Read More

Data Breach Hits HealthEquity Users

HealthEquity has revealed that a data breach at a third-party vendor compromised the personal and health information of 4.3 million individuals. The breach, identified on March 25, exposed protected health information (PHI) and personally identifiable information (PII) stored in an unstructured data repository outside of HealthEquity’s core systems. Attackers gained …

Read More

Ransomware and BEC Attacks Surge in 2024 Cyber Incidents

In the second quarter of 2024, ransomware and business email compromise (BEC) attacks constituted 60% of all cyber incidents, as reported by Cisco Talos. Technology was the most targeted sector, accounting for 24% of incidents, reflecting a 30% increase from the previous quarter. Attackers are focusing on tech firms as …

Read More

HHS Cloud Systems at Risk

The Department of Health and Human Services (HHS) faces significant cloud security vulnerabilities, as highlighted in a recent audit by the Office of Inspector General (OIG). The report reveals weaknesses in a dozen security controls and inadequacies in HHS’ cloud inventory processes. Critical issues include a lack of multifactor authentication …

Read More

Daolpu Malware Hits Windows Systems

CrowdStrike warns of a new malware campaign that exploits the recent Falcon update bug, leading to widespread IT outages. Cybercriminals are distributing the Daolpu information-stealing malware through phishing emails disguised as recovery instructions. Once active, Daolpu harvests account credentials, browser history, and cookies from popular web browsers, posing a significant …

Read More