Security News

Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data. "These fake websites prompt users to download a supposed security tool, claiming it will enhance their portal navigation safety," Metabase Q security researchers Gerardo Corona and Julio Vidal said in a recent analysis.

Businesses operating in the Latin American region are the target of a new Windows-based banking trojan called TOITOIN since May 2023. "This sophisticated campaign employs a trojan that follows a multi-staged infection chain, utilizing specially crafted modules throughout each stage," Zscaler researchers Niraj Shivtarkar and Preet Kamal said in a report published last week.

What is new is the extent to which the balloon was driven by US hardware, which unnamed sources told the Wall Street Journal was "Crammed" with off-the-shelf components that could have easily been purchased online. In February, US officials added six Chinese companies to its trade-restricting Entity List over their work with the Chinese government to develop high-altitude balloons like the one in question.

A vendor that operates a pilot recruitment platform used by maor airlines exposed the personal files of more than 8,000 pilot and cadet applicants at American Airlines and Southwest Airlines. Both American and Southwest on June 23 sent letters to those people affected by the hack of Pilot Credentials, a company based in Austin, Texas, that was founded in 2005 and manages online pilot recruitment portals for American, Southwest, and other airlines.

American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines' pilot applications and recruitment portals. According to breach notifications filed on Friday with Maine's Office of the Attorney General, American Airlines said the data breach affected 5745 pilots and applicants, while Southwest reported a total of 3009.

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican.

The FBI doesn't want to lose its favorite codified way to spy, Section 702 of the US Foreign Intelligence Surveillance Act. In its latest salvo, the agency's deputy director Paul Abbate called it "Absolutely critical for the FBI to continue protecting the American people."

The American Bar Association has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members.The ABA is the largest association of lawyers and legal professionals globally, with 166,000 members as of 2022.

The U.S. Federal Trade Commission revealed today that Americans lost almost $8.8 billion to various types of scams in 2022, following a significant surge of over 30% more lost to fraud compared to the previous year. In 2021, Americans also reported losses of more than $5.8 billion to fraud, another massive increase of over 70% compared to 2020.

Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The threat actor is said to use established hacking tools such as ShadowPad to infiltrate targets and maintain persistent access.