Attacks & Breaches
Cryptojacking Campaign Exploiting Linux and IoT Devices
Microsoft researchers have identified a series of attacks that employ brute force techniques to gain unauthorized access to systems, enabling illicit cryptocurrency mining for...
Microsoft Exposes Rampant Credential-Stealing Attacks by Russian Hackers
TheCISO -
Microsoft has recently revealed a significant spike in credential-stealing attacks orchestrated by Midnight Blizzard, a Russian state-affiliated hacker group.
These intrusions, which cleverly employed...
List of MOVEit Victim Organizations
TheCISO -
The risk analysis firm Kroll discovered a significant Zero Day vulnerability by the end of May 2023. The subsequent attack on MOVEit software, a...
Massive Ransomware Attack Hits Spanish Bank: Client and Employee Data at Risk
A prominent financial institution in Spain faces the brunt of a severe ransomware attack, impacting multiple branches and raising concerns over compromised personal and...
Amazon Faces $31 Million Penalty for Privacy Violations
Amazon recently reached a settlement with the Federal Trade Commission (FTC) after facing two civil complaints. The allegations against the company involved invading the...
Financially Motivated Actor Targets Unsecured Apache NiFi Instances for Covert Cryptocurrency Mining
TheCISO -
Discoveries by the SANS Internet Storm Center (ISC) shed light on an ongoing campaign orchestrated by a financially motivated threat actor. This cyber criminal...
Unveiling Volt Typhoon: A State-Sponsored Cyber Threat from China
US and global cybersecurity agencies issue a joint advisory, shedding light on the activities of a state-sponsored cyber actor called "Volt Typhoon" originating from...
Unveiling Tesla’s Autopilot Challenges: Widespread Complaints and Data Privacy Concerns
Prevalence of Self-Acceleration and Brake Issues Revealed
A recent report in the esteemed German newspaper Handelsblatt sheds light on an alarming number of complaints regarding...
Unveiling the Reign of GUI-vil: Financially Motivated Cyberthreat Group Targeting AWS Accounts
A financially motivated cyberthreat group has been identified, relentlessly attacking organizations' Amazon Web Services (AWS) accounts with the intent to establish unauthorized cryptomining operations....
Former IT Security Analyst Turns Dark: Inside the Shocking Cyber Attack Hijack
A former IT security analyst at Oxford Biomedica recently confessed to an astonishing act that took place five years ago. In an unexpected twist,...
The Powerful Phishing-as-a-Service Platform Targeting Microsoft 365 Users
In the treacherous world of cybercrime, a formidable adversary has emerged - Greatness, the insidious Phishing-as-a-Service (PhaaS) platform. Since its inception in mid-2022, this...
Unveiling the Power-Packed Merdoor: Lancefly APT Group’s Custom Backdoor Wreaks Havoc in South and Southeast Asia
The Lancefly APT group has emerged as a formidable threat, employing a custom-written backdoor known as Merdoor, which is unleashing havoc on organizations across...
