AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.

While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, we have confirmed some of the entries are accurate, including those whose data is not publicly accessible for scraping.…

The Fingerprint Information Inside the Attacker Environment Variable:

The data encapsulated within this variable is delimited by ‘|’. It undergoes partial concealment through various techniques, including base64 encoding, md5 hashing, and string obfuscation. The attacker employs additional characters to obscure the string, and the data’s order undergoes constant permutation.…


The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.

MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy evaluation. The Static Analyzer is adept at handling popular mobile app binaries such as APK, IPA, APPX, and source code.…


According to a new report, SIM-swapping crimes are rising worldwide, mainly committed by eSIM (Embedded Subscriber Identity Modules) users. eSIMs are digitally stored SIM cards that are embedded using software into devices. As a result, hackers are now attempting to exploit vulnerabilities within this software to brute force their way into victims’ phone accounts and port their mobile numbers to their own devices.…

The Federal Trade Commission has announced a $26 million settlement with two tech support firms that duped consumers into paying for unnecessary antivirus and computer repair services.

According to an FTC complaint (PDF), the Cyprus-based Restoro and Reimage, which previously operated out of Isle of Man, used fake Microsoft Windows pop-ups to scare consumers into believing that their computers were infected with viruses.…


Cloud account attacks, increasing Mac malware, malvertising morphing from the distribution of adware to more dangerous malware, and more, are all discussed by Red Canary in its 2024 Threat Detection Report.

Released this week, the Report (PDF) is based on the analysis of almost 60,000 threats drawn from 216 petabytes of telemetry from more than 1,000 customers’ endpoints, identities, clouds, and SaaS applications throughout 2023.…


SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted.…

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals.

Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.…


Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT)

TL;DR

- Residential proxies are intermediaries that allow an Internet connection to appear as coming from another host;
- This method allows a user to hide the real origin and get an enhanced privacy or an access to geo-restricted content;
- Residential proxies represent a growing threat in cyberspace, frequently used by attacker groups to hide among legitimate traffic, but also in a legitimate way;
- The ecosystem of these proxies is characterised by a fragmented and deregulated offering in legitimate and cybercrime webmarkets;
- To obtain an infrastructure up to several million hosts, residential proxies providers use techniques that can mislead users who install third-party software;
- With millions of IP addresses available, they represent a massive challenge to be detected by contemporary security solutions;
- Defending against this threat requires increased vigilance over the origin of traffic, which may not be what it seems, underlining the importance of a cautious and informed approach to managing network traffic;
- This joint report is built on extensive research from Sekoia.io…

Microsoft 365 (formerly Office 365) is Microsoft’s cloud-based suite of productivity tools, which includes email, collaboration platforms, and office applications. All are integrated with Entra ID (referred to as Azure AD in this post) for identity and access management. M365’s centralized storage of organizational data, combined with its ubiquity and widespread adoption, make it a common target of threat actors.…


Driven by the promise of new lines of revenue and lower manufacturing costs, automobile manufacturers are enthusiastically turning vehicles into next-gen application platforms. Increasingly, organizations that run fleets or have transport as a key part of their business can opt into “software defined” features that can be turned on and off over the air, offered on a subscription basis.…


Healthcare has long been a primary target for ransomware attacks. This is not changing and is not likely to change. Claroty/Team82’s State of CPS Security – Healthcare 2023 discusses the reasons.

Healthcare comprises a critical industry combining a large-scale use of converged IT and OT with a huge quantity of disparate OT devices dependent on IT control delivered over WiFi – and a very low tolerance for disruption.…


Mar 13, 2024The Hacker NewsFinancial Fraud / Mobile Security

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.

The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.…


A sophisticated Brazilian banking Trojan is using a novel method for hiding its presence on Android devices.

“PixPirate” is a multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly 3 years old, it’s already integrated into most Brazilian banks’ online platforms and sports more than 150 million users according to Statista.…
