Group-IB researchers expose a large-scale smishing and phishing operation impersonating 260+ brands across 72 countries, using fake Cloudflare error pages, geofencing, and encrypted WebSocket channels for real-time credit card theft.
Read more…
Source: Group IB
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- An imposter posing as Ukraine’s prime minister tricked his way into a video call with the UK’s defence secretary
March 18, 2022
An imposter posing as Ukraine’s prime minister tricked his way into a video call with the UK’s defence secretary in a suspected Russian ploy. Ben Wallace ordered an immediate inquiry into the security breach on Thursday. During the hoax call Mr Wallace engaged for about 10 minutes with the man, who appeared to have gone through a ...
- New Browser-in-the-Browser attack could be used for phishing
March 18, 2022
A novel way of tricking people out of their passwords has left us wondering if there’s a need to rethink how much we trust our web browsers to protect us and to accelerate efforts to close web security gaps. Earlier this week, an infosec researcher known as mr.d0x described a browser-in-the-browser (BitB) attack. It’s a way ...
- Exotic Lily: Exposing initial access broker with ties to Conti
March 18, 2022
In early September 2021, Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444). Investigating this group’s activity, we determined they are an Initial Access Broker (IAB) who appear to be working with the Russian cyber crime gang known as FIN12 (Mandiant, ...
- Britain, U.S. warn of satellite communications risks after Ukraine hack
March 18, 2022
Britain and the United States have warned organisations of the risks associated with using satellite communications following a cyberattack on satellite internet modems as Russia invaded Ukraine. Western intelligence agencies have been investigating the attack which disrupted broadband satellite internet access provided by U.S. telecommunications firm Viasat, Reuters reported last week. “It’s certainly something we’re investigating quite ...
- ISC Releases Security Advisories for BIND
March 17, 2022
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the following ISC advisories and apply the necessary updates or workarounds. CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 Read more… Source: U.S. Cybersecurity and ...
- CISA: Strengthening Cybersecurity of SATCOM Network Providers and Customers
March 17, 2022
CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI have published joint Cybersecurity Advisory (CSA) Strengthening Cybersecurity of SATCOM Network Providers and Customers, which provides ...