News • Insights • Analysis
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams. The installers were being used to drop a backdoor identified as Oyster, aka Broomstick. Following execution Read More …
Four web-based systems belonging to the Maritime Industry Authority (MARINA) were “attacked and compromised” on Sunday, MARINA said Monday. MARINA said it deployed its concerned officials and employees to its Central Office to “to implement expeditious measure to ensure the Read More …
Ten countries joined forces with Europol to disrupt the online propaganda activities of religious and politically motivated terrorist organisations across the ideological spectrum. This joint effort, known as Operation HOPPER II, targeted key assets in the online dissemination of terrorist Read More …
The personal data of over 20,000 Chinese University of Hong Kong (CUHK) staff and students has been stolen after a server at one of the institution’s schools was hacked. The server of an online learning system used by CUHK’s School Read More …
U.S. healthcare provider Ascension has provided more details of its “cyber security event” last month, admitting that data was stolen, with some reports also suggesting that the Black Basta ransomware gang was behind the attack. One of the largest nonprofit Read More …
Another day, another data breach. Tile has fallen victim to a mammoth data breach, with cybercriminals stealing sensitive consumer data like names, physical addresses, and phone numbers, and even accessing tools that process location requests made by law enforcement. In Read More …
In 2024, Volexity identified a cyber-espionage campaign undertaken by a suspected Pakistan-based threat actor that Volexity currently tracks under the alias UTA0137. The malware used in these recent campaigns, which Volexity tracks as DISGOMOJI, is written in Golang and compiled Read More …
The Cardinal cybercrime group (aka Storm-1811, UNC4393), which operates the Black Basta ransomware, may have been exploiting a recently patched Windows privilege escalation vulnerability as a zero-day. The vulnerability (CVE-2024-26169) occurs in the Windows Error Reporting Service. If exploited on Read More …
Laval police say they arrested three suspects Wednesday in connection to a massive data breach at Desjardins Group made public in 2019. The data breach at the Quebec-based credit union is thought to be one of the largest ever among Read More …
Since 2022, Trend Micro researchers have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor. Most vendors identify this backdoor as a variant of existing malware such as Gh0st RAT or Rekoobe. However, Trend Read More …
