Group-IB researchers expose a large-scale smishing and phishing operation impersonating 260+ brands across 72 countries, using fake Cloudflare error pages, geofencing, and encrypted WebSocket channels for real-time credit card theft.
Read more…
Source: Group IB
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers
August 29, 2022
A critical command-injection vulnerability in multiple API endpoints of Atlassian Bitbucket Server and Data Center could allow an unauthorized attacker to remotely execute malware, and view, change, and even delete data stored in repositories. Atlassian has fixed the security holes, which are present in versions 7.0.0 to 8.3.0 of the software, inclusive. Luckily there are no ...
- NATO investigates hacker sale of missile firm data
August 26, 2022
Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online. The data includes blueprints of weapons being used by Nato allies in the Ukraine war. Criminal hackers are selling the dossiers after stealing data linked to a major European weapons maker. MBDA Missile Systems admitted its data was ...
- Twilio breach let hackers gain access to Authy 2FA accounts
August 26, 2022
Twilio’s investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices. Authy is a two-factor authentication (2FA) service from Twilio that allows users to secure their online accounts where the feature is supported by identifying a second time via a dedicated app after typing in ...
- PyPI warns of first-ever phishing campaign against its users
August 26, 2022
The Python Package Index, better known among developers as PyPI, has issued a warning about a phishing attack targeting developers who use the service. The community-run organization said this is the first known phishing attack against PyPI users. And the attack has unfortunately been somewhat successful, resulting in the compromise of some users’ accounts. PyPI is an ...
- Cyber criminals are launching phishing attacks on LinkedIn
August 25, 2022
Regular users of LinkedIn, the professional networking and social working platform, have noticed an increase of threat actors trying to steal critical personal information through phishing attacks. These cyber criminals are using false LinkedIn accounts to trick unsuspecting victims into giving up confidential information. How are they doing it? Threat actors start by creating fraudulent LinkedIn ...
- MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
August 25, 2022
In recent weeks, the Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high confidence that MERCURY’s observed activity was affiliated with Iran’s Ministry of Intelligence and Security (MOIS). While MERCURY ...