Check Point Research (CPR) found security flaws in Amazon Kindle, the world’s most popular e-reader. By tricking victims into opening a malicious e-book, a threat actor could have leveraged the flaws to target specific demographics and take full control of a Kindle device, opening a path to stealing information stored. Victims would need to simply…
In the summer of 2019, our researchers discovered a massive malicious campaign against telecommunications providers that we dubbed Operation Soft Cell. This week, our researchers revealed details of more pervasive attacks against telecommunications providers. The DeadRinger report reveals a cyber espionage campaign out of China targeting providers in Southeast Asia. What We Know One of…
Multiple cybercriminal groups are leveraging a malware-as-a-service (MaaS) solution to distribute a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish against individuals in Belgium as well as government agencies, companies, and corporations in the U.S.Dubbed “
CVE-2021-1522
Исследователи из антивирусной компании ESET рассказали о набирающем обороты виде онлайн-мошенничества с сим-картами. С помощью новой схемы злоумышленники могут получить доступ к телефонному номеру жертвы и перевести его деньги из банковских приложений. «Фишка» нового подхода в комбинации уже известных ранее мошеннических уловок, и, как предупредили в ESET, такой обман на практике очень сложно доказать. Всё…
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Symantec: China-Linked Actors Investigate SCADA Systems Akshaya Asokan (asokan_akshaya) • August 7, 2021 An unidentified hacking group with suspected China ties is targeting critical infrastructure in South East Asia as part of a cyberespionage campaign to exfiltrate information about the victim’s SCADA systems. says a…
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Report: XSS and Exploit Forum Members Using Workarounds to Violate the Ban Doug Olenick (DougOlenick) • August 6, 2021 A forum user receives a warning for attempting to trade ransomware. (Source: Digital Shadows) The decision by the Russian-speaking darknet forums XSS and Exploit…
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Symantec: China-Linked Actors Investigate SCADA Systems Akshaya Asokan (asokan_akshaya) • August 7, 2021 An unidentified hacking group with suspected China ties is targeting critical infrastructure in South East Asia as part of a cyberespionage campaign to exfiltrate information about the victim’s SCADA systems. says a…
An anonymous reader quotes a report from Ars Technica: Cybersecurity at eight federal agencies is so poor that four of them earned grades of D, three got Cs, and only one received a B in a report issued Tuesday by a US Senate Committee. “It is clear that the data entrusted to these eight key…
CISA’s launches joint cyber defense effort By Chris Riotta Aug 06, 2021 The Joint Cyber Defense Collaborative, a new initiative launched Aug. 5 by the Cybersecurity and Infrastructure Security Agency, aims to help the U.S. defend against cyber threats to critical infrastructure. The JCDC plans to unify cyber defense by leading the development…
