Group-IB researchers expose a large-scale smishing and phishing operation impersonating 260+ brands across 72 countries, using fake Cloudflare error pages, geofencing, and encrypted WebSocket channels for real-time credit card theft.
Read more…
Source: Group IB
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ivanti urges customers to patch yet another critical vulnerability
February 9, 2024
In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read ...
- Maldocs Of Word And Excel: Vigor Of The Ages
February 8, 2024
Chasing new exploits, vulnerabilities, and threats is the way to go in the ever-changing cybercrime landscape. However, in a constant flow of information, the focus on yesterday’s highlights is low: every day, new CVEs occur, and new threats emerge. With this state of affairs, old menaces can be easily overlooked and still used by the attackers, ...
- Coyote: A multi-stage banking Trojan abusing the Squirrel installer
February 8, 2024
The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught their attention was the sophisticated infection chain that makes use of various ...
- Google saves your conversations with Gemini for years by default
February 8, 2024
Don’t type anything into Gemini, Google’s family of GenAI apps, that’s incriminating — or that you wouldn’t want someone else to see. That’s the PSA (of sorts) today from Google, which in a new support document outlines the ways in which it collects data from users of its Gemini chatbot apps for the web, Android and ...
- Data of 33 million people in France stolen in its largest ever cyberattack
February 8, 2024
Over 33 million people in France – nearly half of its population – have been impacted by the country’s biggest-ever cyberattack. Two French service providers for medical insurance companies were targetted, with the companies admitting that millions of people’s data were exposed to the hackers. Read more… Source: MSN News
- Warning: Fraudulent App Impersonating LastPass Currently Available in Apple App Store
February 7, 2024
LastPass would like to alert our customers to a fraudulent app attempting to impersonate our LastPass app on the Apple App Store. The app in question is called “LassPass Password Manager” and lists Parvati Patel as the developer. The app attempts to copy our branding and user interface, though close examination of the posted screenshots reveal ...