Mekotio Banking Trojan Threatens Financial Systems in Latin America

The Mekotio banking trojan is a sophisticated piece of malware that has been active since at least 2015, primarily targeting Latin American countries with the goal of stealing sensitive information — particularly banking credentials — from its targets. Originating in Read More …

Twilio data breach gets a whole lot worse as it confirms hackers accessed Authy user phone numbers

The recent data breach affecting Twilio may have taken a rather unfortunate extra turn after new reports claim the hackers can single out Authy users from the archives. The infamous ShinyHunters hacking collective recently said it stole 33 million phone Read More …

Europol coordinates global action against criminal abuse of Cobalt Strike

Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems. Older, unlicensed versions of the Cobalt Strike red teaming tool Read More …

The Hidden Danger of PDF Files with Embedded QR Codes

The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time. QR codes are increasingly popular due to their versatility and ease of use. Read More …

Ukrainian intelligence cyberattack cripples telecom networks in Russian-occupied territories

Mirtelecom subscribers were unable to access the network in occupied Crimea and in occupied parts of Zaporizhzhya and Kherson oblasts. Another Russian provider, Farline, suffered significant damage, primarily in Crimea. Similar attacks continued the following month, targeting propaganda media servers, Read More …

Personal data stolen from unsuspecting airport visitors and plane passengers in “evil twin” attacks

The Australian Federal Police (AFP) have charged a man for setting up fake free WiFi access points in order to steal personal data from people. The crime was discovered when an airline reported a suspicious WiFi network identified by its Read More …

LockBit ransomware attack stole data on millions of Infosys McCamish users

When LockBit ransomware affiliates struck Infosys McCamish Systems (IMS) in late 2023, they did not steal sensitive information on some 57,000 people, as was initially thought. Instead, the threat actors stole valuable intel on more than six million people, a Read More …