Key Points
ReliaQuest has observed 246% more business email compromise (BEC) attempts over the past year; this highlights the growing risk of fraud or other damage caused by cyber attacks, relevant to all sectors and countries.
We have developed an advanced detection approach for organizations to identify and counter BEC, surpassing traditional methods by dynamically identifying anomalies.…
Tag: BANK
An Australian IT contractor has been sentenced to 30 months jail for ripping off the National Maritime Museum.
The nonprofit museum celebrates Australia’s maritime heritage – a matter of some import for the island nation, which therefore attracts government funding.
Among the museum’s exhibits is a retired destroyer, the HMAS Vampire.…
Ukrainian cyber police have arrested three men suspected of hijacking the accounts of over 100 million internet users.
The trio, aged between 20 and 40, were arrested by police in the country’s Kharkiv region under the guidance of the regional prosecutor’s office.
Operating as part of a cybercrime group, they are said to have used brute-force techniques to hijack victims’ email and Instagram accounts that were protected by easy-to-guess passwords.…
TLDR:
– Firebase allows for easy misconfiguration of security rules with zero warnings
– This has resulted in hundreds of sites exposing a total of ~125 Million user records, including plaintext passwords & sensitive billing information
After the initial buzz of pwning Chattr.ai had settled down, we set to work on scanning the entire internet for exposed PII via misconfigured Firebase instances.…
Nevada-based Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023 data breach that leaked Social Security numbers and other sensitive information.
In filings with regulators in Maine and California, the company said it discovered a cybersecurity incident on December 30 that prompted an investigation.…
The fraudulent activities take place across online platforms.
Travel
Fake vacation packages which offer hidden fees or non-existent accommodations.
Utility
Impersonating utility companies to demand immediate payment or threaten with service disconnection.
Tricking individuals into unwanted subscriptions or memberships by offering free trials that automatically convert into paid subscriptions.…
Fujitsu, the Japanese multinational technology giant, has revealed a data breach resulting from a malware infection within its corporate network. The company disclosed that sensitive files containing both personal and customer information were exposed to the attackers.
Swift Response, Ongoing Investigation
Fujitsu reports that they detected the malware during an internal investigation.…
A cyberattack in February led to the compromise of 11 email accounts at the International Monetary Fund (IMF), the organization said on Friday.
In a brief statement, the IMF said the cyber incident was detected on February 16.
“A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken.…
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year.
This international financial institution, funded by 190 member countries, is also a major United Nations financial agency headquartered in Washington, D.C.
According to a press release published today, the IMF detected the incident in February and is now conducting an investigation to assess the attack’s impact.…
This article will focus on the newly released BunnyLoader 3.0, as well as historically observed BunnyLoader infrastructure and an overview of its capabilities. BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to its victims.…
SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted.…
Authored by ZePeng Chen and Wenfeng Yu
McAfee Mobile Research Team has observed an active scam malware campaign targeting Android users in India. This malware has gone through three stages. The first one is the development stage, from March 2023 to July 2023, during which a couple of applications were created each month.…
France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals.
France Travail is the French governmental agency responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs.…
Mar 14, 2024 | Newsroom | Cyber Espionage / Malware
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands.
“The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis published this month.…
Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT)
TL;DR
– Residential proxies are intermediaries that allow an Internet connection to appear as coming from another host;
– This method allows a user to hide the real origin and get an enhanced privacy or an access to geo-restricted content;
– Residential proxies represent a growing threat in cyberspace, frequently used by attacker groups to hide among legitimate traffic, but also in a legitimate way;
– The ecosystem of these proxies is characterised by a fragmented and deregulated offering in legitimate and cybercrime webmarkets;
– To obtain an infrastructure up to several million hosts, residential proxies providers use techniques that can mislead users who install third-party software;
– With millions of IP addresses available, they represent a massive challenge to be detected by contemporary security solutions;
– Defending against this threat requires increased vigilance over the origin of traffic, which may not be what it seems, underlining the importance of a cautious and informed approach to managing network traffic;
– This joint report is built on extensive research from Sekoia.io…
Mar 13, 2024 | The Hacker News | Financial Fraud / Mobile Security
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.
The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.…
A sophisticated Brazilian banking Trojan is using a novel method for hiding its presence on Android devices.
“PixPirate” is a multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly 3 years old, it’s already integrated into most Brazilian banks’ online platforms and sports more than 150 million users according to Statista.…
Change Ransomware Incident: Details so far
The change Ransomware attack
Last week, an Oregon medical practice suffered a serious Ransomware attack called Change Ransomware. Due to the attack, the medical practice was left with an empty bank account. The only way out was to sell the practice to United Health.…
Zscaler’s ThreatLabz recently discovered a new campaign distributing an infostealer called Tweaks (aka Tweaker) that targets Roblox users. Attackers are exploiting popular platforms, like YouTube and Discord, to distribute Tweaks to Roblox users, capitalizing on the ability of legitimate platforms to evade detection by web filter block lists that typically block known malicious servers.…
A nonprofit has launched the first open source platform aimed at delivering sophisticated anti-fraud capabilities to financial systems in Africa as well as parts of Asia and the Middle East.
The Tazama open source project is real-time financial transaction monitoring software that can be deployed by digital financial services providers to detect and block fraudulent transactions and protect consumer accounts.…