Mitm Phishing Attack Can Let Attackers Unlock And Steal A Tesla
Update: Title and content updated to clarify this is MiTM phishing attack conducted using a Flipper Zero but it could...
Month: March 2024
Critical Fortinet Flaw May Impact 150 000 Exposed Devices
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to...
Microsoft Says Russian Hackers Breached Its Systems Accessed Source Code
Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using...
FBI: US Ransomware Losses Surge 74% to $59.6 Million in 2023
Ransomware losses in the US surged to $59.6m in 2023, a 74% rise on the previous year’s reported figure of...
Former Google Engineer Charged With Stealing AI Secrets
A Chinese national who used to work at Google has been charged with stealing intellectual property from the tech giant...
Ransomware Attackers Leak Sensitive Swiss Government Documents, Login Credentials
Sensitive Swiss federal government data, including classified documents and log in credentials, were leaked by the Play ransomware group following...
Governments Eye Disclosure Requirements for AI Development Labs
AI laboratories will be compelled to disclose their development of general-purpose AI as governments look to have more oversight over...
UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit
UnitedHealth Group has published a timeline to restore Change Healthcare’s systems following the BlackCat/ALPHV ransomware attack, which has led to...
Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing Campaign
A novel phishing campaign leveraged legitimate Dropbox infrastructure and successfully bypassed multifactor authentication (MFA) protocols, new research from Darktrace has...
Evasive Panda Targets Tibet With Trojanized Software
A sophisticated cyber-espionage campaign by the China-aligned APT group Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly) has been...
RATs Spread Via Fake Skype, Zoom, Google Meet Sites
Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware. The campaign,...
NSA Launches Top 10 Cloud Security Mitigation Strategies
As businesses migrate their services to hybrid and multi-cloud environments, cloud misconfigurations and security flaws are becoming critical points of...
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA)...
Telemedicine Business Owner Faces 20 Years For $136m Fraud
A nurse practitioner has pleaded guilty to her role in a massive $136m conspiracy to defraud the US government’s Medicare...
Russia’s Midnight Blizzard Accesses Microsoft Source Code
A notorious Russian state-backed APT group has accessed Microsoft source code and internal systems in an ongoing campaign that was...
Abyss Ransomware Victim: neigc[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
New ‘Connected Places’ infographic published
New 'Connected Places' infographic published It’s been almost 3 years since we released our ‘Connected Places Cyber Security Principles’. Today...
Habib’s – 3,517,679 breached accounts
HIBP In August 2021, the Brazilian fast food company "Habib's" suffered a data breach that was later redistributed as part...
APK.TW – 2,451,197 breached accounts
HIBP In September 2022, the Taiwanese Android forum APK.TW suffered a data breach that was later redistributed as part of...
WoTLabs – 21,994 breached accounts
HIBP In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and website defacement attributed to...
Online Trade (Онлайн Трейд) – 3,805,265 breached accounts
HIBP In September 2022, the Russian e-commerce website Online Trade (Онлайн Трейд) suffered a data breach that exposed 3.8M customer...
CovenantC2 Detected – 35[.]233[.]38[.]208:443
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
Brute Ratel C4 Detected – 13[.]113[.]86[.]16:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of February 26, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
