Security News

Cybercriminals hit jackpot as 500k+ Ohio Lottery lovers lose out on their personal data
2024-05-10 18:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cybercriminals are getting faster at exploiting vulnerabilities
2024-05-10 05:00

Cybercriminals are targeting the ever-increasing number of new vulnerabilities resulting from the exponential growth in the number and variety of connected devices and an explosion in new applications and online services, according to Fortinet. Attacks started on average 4.76 days after new exploits were publicly disclosed: Like the 1H 2023 Global Threat Landscape Report, FortiGuard Labs sought to determine how long it takes for a vulnerability to move from initial release to exploitation, whether vulnerabilities with a high Exploit Prediction Scoring System score get exploited faster, and whether it could predict the average time-to-exploitation using EPSS data.

Mandiant: Orgs are detecting cybercriminals faster than ever
2024-04-23 13:05

Mandiant says the small increase over last year's figures, which were the lowest ever recorded for the region, could be due to data normalizing after Mandiant's work in Ukraine. Its own red teamers are able to achieve their objectives within five to seven days, it said, and given that equally capable enemies are carrying out their attacks regularly, these times need to drop if the number of successful attacks are too.

Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals
2024-04-19 11:28

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cybercriminals pose as LastPass staff to hack password vaults
2024-04-18 14:56

LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. According to researchers at mobile security company Lookout, campaigns using this phishing kit also targeted cryptocurrency platforms Binance, Coinbase, Kraken, and Gemini, using pages that impersonated Okta, Gmail, iCloud, Outlook, Twitter, Yahoo, and AOL. During its investigations, LastPass discovered that its service was recently added to the CryptoChameleon kit, and a phishing site was hosted at at the "Help-lastpass[.]com" domain.

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme
2024-04-08 08:36

A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted...

Cybercriminal adoption of browser fingerprinting
2024-04-05 05:00

Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now also commonly exploited by cybercriminals: a recent study shows one in four phishing sites using some form of this technique.

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals
2024-04-01 10:10

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The...

Cybercriminals use cheap and simple infostealers to exfiltrate data
2024-03-28 04:00

Of these compromised identity records, one in four contained information about the user's network or physical location, putting the individual's identity, platforms they have access to, and physical well-being at risk. Taking a deeper look into how stolen data empowers bad actors to perpetrate cybercrimes including account takeover, fraud, and ransomware, researchers analyzed the exposures of the average digital identity being traded in the criminal underground and found that the average identity appears in as many as nine breaches and is associated with 15 breach records.

KuCoin charged with AML violations that let cybercriminals launder billions
2024-03-27 14:08

The U.S. Department of Justice has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering requirements, allowing threat actors to use the platform to launder money. Founded in 2017 by Chinese citizens Chun Gan and Ke Tang, KuCoin is one of the largest cryptocurrency exchange platforms to buy, sell, trade, and store a variety of digital currencies.