Stay Ahead of Cyber Threats – Daily Security Insights, Powered by AI
TLDR:
– Firebase allows for easy misconfiguration of security rules with zero warnings
– This has resulted in hundreds of sites exposing a total of ~125 Million user records, including plaintext passwords & sensitive billing information
After the initial buzz of pwning Chattr.ai had settled down, we set to work on scanning the entire internet for exposed PII via misconfigured Firebase instances.…
Nevada-based Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023 data breach that leaked Social Security numbers and other sensitive information.
In filings with regulators in Maine and California, the company said it discovered a cybersecurity incident on December 30 that prompted an investigation.…
The fraudulent activities take place across online platforms.
Travel
Fake vacation packages which offer hidden fees or non-existent accommodations.
Utility
Impersonating utility companies to demand immediate payment or threaten with service disconnection.
Tricking individuals into unwanted subscriptions or memberships by offering free trials that automatically convert into paid subscriptions.…
Fujitsu, the Japanese multinational technology giant, has revealed a data breach resulting from a malware infection within its corporate network. The company disclosed that sensitive files containing both personal and customer information were exposed to the attackers.
Swift Response, Ongoing Investigation
Fujitsu reports that they detected the malware during an internal investigation.…
A cyberattack in February led to the compromise of 11 email accounts at the International Monetary Fund (IMF), the organization said on Friday.
In a brief statement, the IMF said the cyber incident was detected on February 16.
“A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken.…
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year.
This international financial institution, funded by 190 member countries, is also a major United Nations financial agency headquartered in Washington, D.C.
According to a press release published today, the IMF detected the incident in February and is now conducting an investigation to assess the attack’s impact.…
This article will focus on the newly released BunnyLoader 3.0, as well as historically observed BunnyLoader infrastructure and an overview of its capabilities. BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to its victims.…
SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted.…
Authored by ZePeng Chen and Wenfeng Yu
McAfee Mobile Research Team has observed an active scam malware campaign targeting Android users in India. This malware has gone through three stages. The first one is the development stage, from March 2023 to July 2023, during which a couple of applications were created each month.…
France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals.
France Travail is the French governmental agency responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs.…
Mar 14, 2024NewsroomCyber Espionage / Malware
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands.
“The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis published this month.…
Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT)
TL;DRResidential proxies are intermediaries that allow an Internet connection to appear as coming from another host; This method allows a user to hide the real origin and get an enhanced privacy or an access to geo-restricted content; Residential proxies represent a growing threat in cyberspace, frequently used by attacker groups to hide among legitimate traffic, but also in a legitimate way; The ecosystem of these proxies is characterised by a fragmented and deregulated offering in legitimate and cybercrime webmarkets; To obtain an infrastructure up to several million hosts, residential proxies providers use techniques that can mislead users who install third-party software; With millions of IP addresses available, they represent a massive challenge to be detected by contemporary security solutions; Defending against this threat requires increased vigilance over the origin of traffic, which may not be what it seems, underlining the importance of a cautious and informed approach to managing network traffic; This joint report is built on extensive research from Sekoia.io…Mar 13, 2024The Hacker NewsFinancial Fraud / Mobile Security
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.
The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.…
A sophisticated Brazilian banking Trojan is using a novel method for hiding its presence on Android devices.
“PixPirate” is a multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly 3 years old, it’s already integrated into most Brazilian banks’ online platforms and sports more than 150 million users according to Statista.…
Change Ransomware Incident: Details so far
The change Ransomware attack
Last week, an Oregon medical practice suffered a serious Ransomware attack called Change Ransomware. Due to the attack, the medical practice was left with an empty bank account. The only way out was to sell the practice to United Health. …Zscaler’s ThreatLabz recently discovered a new campaign distributing an infostealer called Tweaks (aka Tweaker) that targets Roblox users. Attackers are exploiting popular platforms, like YouTube and Discord, to distribute Tweaks to Roblox users, capitalizing on the ability of legitimate platforms to evade detection by web filter block lists that typically block known malicious servers.…
A nonprofit has launched the first open source platform aimed at delivering sophisticated anti-fraud capabilities to financial systems in Africa as well as parts of Asia and the Middle East.
The Tazama open source project is real-time financial transaction monitoring software that can be deployed by digital financial services providers to detect and block fraudulent transactions and protect consumer accounts.…
Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that’s propagated via phishing emails bearing PDF attachments.
“This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware,” Fortinet FortiGuard Labs researcher Cara Lin said.…
PRESS RELEASE
Washington, D.C. – U.S. Senator Ron Wyden, D-Ore., with Sens. John Fetterman, D-Penn., and Bill Cassidy, R-La., today introduced the Enhanced Cybersecurity for SNAP Act to upgrade the security of electronic benefit cards and protect families in need from thieves that have stolen millions worth of essential food benefits. …