Cybercrime

October 24, 2023

This Zscaler ThreatLabz blog serves as a brief synopsis of the key points revealed in their 2023 Enterprise IoT and OT Threat Report. The report explores the growth of Internet of Things (IoT) device traffic and IoT malware attacks, in addition to how legacy vulnerabilities, targeted devices, and specific industries have become central players in the ...

October 24, 2023

In Brazil the PIX payment system is becoming more and more popular. Unsurprisingly, cybercriminals are jumping on the bandwagon, trying to abuse the system for their profit. A good example of this is GoPIX, a malware campaign that has been active since December 2022. The attack cycle begins when a potential victim searches for “WhatsApp web”. ...

October 23, 2023

Okta has shed more than $2 billion from its market valuation since the company disclosed a hack of its support systems Friday. The high-profile incident is the latest in a string of incidents that have been tied to Okta or its products, including a spate of intrusions at casinos that crippled Las Vegas hotel rooms ...

October 23, 2023

Proofpoint researchers have long tracked clusters of malicious activity using banking malware to target users and organizations in Brazil and surrounding countries. Recently, researchers observed multiple threat clusters targeting Spain from threat actors and malware that have traditionally targeted Portuguese and Spanish speakers in Brazil, Mexico, and other parts of the Americas. While the targeting ...

October 23, 2023

Travellers using the popular hotel website Booking.com are being warned not to fall for scam emails asking them to confirm their hotel payment, after a hack of Booking.com’s email system. In recent weeks the Observer has been contacted by a number of customers claiming that they had received scam emails from within the Booking.com system. ...

October 22, 2023

All it apparently took for one Philippine hacker to break into a government website was “Admin123” – a password that reflects what experts say is the authorities’ lax attitude towards cybersecurity that not only leaves millions of Filipinos vulnerable to identity theft but has exposed some of the country’s top military secrets. On October 3, ...

October 21, 2023

You can never be too careful when surfing the web, even if you’re looking for a new job. Corsair is a prominent name in the gaming hardware and accessories market, and it stands to reason that it would be a hot destination for enthusiasts in the market for a new job. However, some nefarious parties are ...

October 20, 2023

This week, law enforcement and judicial authorities from eleven countries delivered a major blow to one of the most dangerous ransomware operations of recent years. This action, coordinated at international level by Europol and Eurojust, targeted the Ragnar Locker ransomware group. The group were responsible for numerous high-profile attacks against critical infrastructure across the world. In ...

October 19, 2023

In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims’ devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal data using keyloggers, and gain backdoor access to systems. According to Kaspersky ...

October 19, 2023

Servers are always a point of interest for threat actors as they are one of the most efficient attack vectors to penetrate an organization. Server-related accounts often have the highest privilege levels, making lateral movement to other machines in the network easily achievable. Sophos X-Ops has observed a wide variety of threats being delivered to ...