Key Points

ReliaQuest has observed 246% more business email compromise (BEC) attempts over the past year; this highlights the growing risk of fraud or other damage caused by cyber attacks, relevant to all sectors and countries.We have developed an advanced detection approach for organizations to identify and counter BEC, surpassing traditional methods by dynamically identifying anomalies.…
Read More

Ukrainian cyber police have arrested three men suspected of hijacking the accounts of over 100 million internet users.

The trio, aged between 20 and 40, were arrested by police in the country’s Kharkiv region under the guidance of the regional prosecutor’s office.

Operating as part of a cybercrime group, they are said to have used brute-force techniques to hijack victims’ email and Instagram accounts that were protected by easy-to-guess passwords.…

Read More

TLDR:

– Firebase allows for easy misconfiguration of security rules with zero warnings

– This has resulted in hundreds of sites exposing a total of ~125 Million user records, including plaintext passwords & sensitive billing information

After the initial buzz of pwning Chattr.ai had settled down, we set to work on scanning the entire internet for exposed PII via misconfigured Firebase instances.…

Read More
Methodology-based scamsTarget-Based ScamsPlatform-Based ScamsOnline
Read More

Fujitsu, the Japanese multinational technology giant, has revealed a data breach resulting from a malware infection within its corporate network. The company disclosed that sensitive files containing both personal and customer information were exposed to the attackers.

Swift Response, Ongoing Investigation

Fujitsu reports that they detected the malware during an internal investigation.…

Read More

A cyberattack in February led to the compromise of 11 email accounts at the International Monetary Fund (IMF), the organization said on Friday. 

In a brief statement, the IMF said the cyber incident was detected on February 16. 

“A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken.…

Read More

The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year.

This international financial institution, funded by 190 member countries, is also a major United Nations financial agency headquartered in Washington, D.C.

According to a press release published today, the IMF detected the incident in February and is now conducting an investigation to assess the attack’s impact.…

Read More

SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted.…

Read More

Mar 14, 2024NewsroomCyber Espionage / Malware

The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands.

“The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis published this month.…

Read More

Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT)

TL;DRResidential proxies are intermediaries that allow an Internet connection to appear as coming from another host; This method allows a user to hide the real origin and get an enhanced privacy or an access to geo-restricted content; Residential proxies represent a growing threat in cyberspace, frequently used by attacker groups to hide among legitimate traffic, but also in a legitimate way; The ecosystem of these proxies is characterised by a fragmented and deregulated offering in legitimate and cybercrime webmarkets; To obtain an infrastructure up to several million hosts, residential proxies providers use techniques that can mislead users who install third-party software; With millions of IP addresses available, they represent a massive challenge to be detected by contemporary security solutions; Defending against this threat requires increased vigilance over the origin of traffic, which may not be what it seems, underlining the importance of a cautious and informed approach to managing network traffic; This joint report is built on extensive research from Sekoia.io…
Read More

Mar 13, 2024The Hacker NewsFinancial Fraud / Mobile Security

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.

The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.…

Read More

A sophisticated Brazilian banking Trojan is using a novel method for hiding its presence on Android devices.

“PixPirate” is a multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly 3 years old, it’s already integrated into most Brazilian banks’ online platforms and sports more than 150 million users according to Statista.…

Read More
Introduction

Zscaler’s ThreatLabz recently discovered a new campaign distributing an infostealer called Tweaks (aka Tweaker) that targets Roblox users. Attackers are exploiting popular platforms, like YouTube and Discord, to distribute Tweaks to Roblox users, capitalizing on the ability of legitimate platforms to evade detection by web filter block lists that typically block known malicious servers.…

Read More

A nonprofit has launched the first open source platform aimed at delivering sophisticated anti-fraud capabilities to financial systems in Africa as well as parts of Asia and the Middle East.

The Tazama open source project is real-time financial transaction monitoring software that can be deployed by digital financial services providers to detect and block fraudulent transactions and protect consumer accounts.…

Read More