Okta breach happened after employee logged into personal Google account

Okta has revealed details about a recent breach which exposed files belonging to customers. As Malwarebytes explained in their article about 1Password being a victim of this breach, it’s normal for Okta support to ask customers to upload a file …

More than 100,000 hackers have details exposed through malware on cyber crime forums

Researchers have revealed that more than 100,000 hackers could be operating on compromised devices due to their involvement on cyber crime forums. A study from Hudson Rock identified around 120,000 devices infected with malware that contained login credentials for cyber …

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

Unit 42 researchers have recently discovered a previously unreported phishing campaign that distributed an infostealer equipped to fully take over Facebook business accounts. Facebook business accounts were targeted with a phishing lure offering tools such as spreadsheet templates for business. …

Uncovering an Iranian mobile malware campaign

During a recent proactive hunt for malicious mobile malware, Sophos X-Ops researchers from SophosLabs discovered a group of four credential-harvesting apps targeting customers of several Iranian banks. Most of the apps are signed using the same – possibly stolen – …

Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis

In the ever-evolving landscape of cyber threats, banking trojans continue to pose a significant risk to organizations worldwide. Among them, Qakbot, also known as QBot or Pinkslipbot, stands out as a highly sophisticated and persistent malware active since 2007, targeting …

Legion: New hacktool steals credentials from misconfigured sites

A new Python-based credential harvester and SMTP hijacking tool named ‘Legion’ is being sold on Telegram that targets online email services for phishing and spam attacks. Legion is sold by cybercriminals who use the “Forza Tools” moniker and operate a …

Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys

Trend Micro researchers recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys. Because of the number and popularity of these apps — …

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

A long-term spear-phishing campaign is targeting employees of major corporations with emails containing PDFs that link to short-lived Glitch apps hosting credential-harvesting SharePoint phishing pages, researchers have found. Researchers from DomainTools discovered the suspicious PDFs – which themselves do not …