Threat actors leaked data stolen from EA, including FIFA code
Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure...
OSINT
SolarWinds hackers breached 27 state attorneys’ offices
Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of...
Seven-Fold Surge in Dark Web Ads Providing Corporate Network Access
In the latest study, researchers at Positive Technologies have documented the evolution of hacker-placed ads on the Dark Web from...
Bot that helps hackers write code
The Copilot service developed by Microsoft and GitHub specialists, designed to simplify the work of programmers, can be used by...
Wiper Malware Used in Attack Against Iranian Railway
The cyber-attack that crippled Iran's national railway system at the beginning of the month was caused by a disk-wiping malware...
Two Belarusian Arrested in Black Box ATM Attack
The Polish authorities have detained two individuals committing so-called ‘Black Box’ attacks, targeting ATMs, whereby criminal offenders attach electronic devices...
Following a Ransomware Cyberattack, D-BOX Stated it is Gradually Restarting Operations
After a ransomware cyberattack on its internal information-technology systems, D-BOX Technologies Inc. says it is progressively resuming operations, with restoration...
Cerbrutus – Network Brute Force Tool, Written In Python
Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future...
Ruse – Mobile Camera-Based Application That Attempts To Alter Photos To Preserve Their Utility To Humans While Making Them Unusable For Facial Recognition Systems
Mobile camera-based application that attempts to alter photos to preserve their utility to humans while making them unusable for facial...
Android Banking Trojan Vultur uses screen recording for credentials stealing
Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing...
CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines
Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The...
LemonDuck no longer settles for breadcrumbs
LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft,...
Spear-phishing now targets employees outside the finance and executive teams, report says
Social engineering attacks have been a longstanding concern for both individuals and organizations alike. The trend, as we know it,...
Severe Shopify Flaw Exposed GitHub Access Token And Source Code Repositories
Computer science student Augusto Zanellato has earned a $50,000 payday following the discovery of a publicly available GitHub Personal Access...
XAMPP Hosts are Employed to Distribute Agent Tesla
RiskIQ's research team has evaluated the familiar fingerprints campaign in dangerous infrastructure from famous malware families. Their examination of Agent...
Malicious Linux Shell Scripts Used to Evade Defenses
Attackers' evasive methods stretch back to the times when base64 and other popular encoding schemes were utilized. New Linux shell script...
UBEL is the Android Malware Successor to Oscorp
As part of a fresh campaign that began in May 2021, an Android malware that was discovered misusing accessibility features...
LightMe – HTTP Server Serving Obfuscated Powershell Scripts/Payloads
LightMe is a Simple HTTP Server serving Powershell Scripts/Payloads after Obfuscate them and run obfuscation as a service in backgroud...
Rtl_433 – Program To Decode Radio Transmissions From Devices On The ISM Bands (And Other Frequencies)
rtl_433 (despite the name) is a generic data receiver, mainly for the 433.92 MHz, 868 MHz (SRD), 315 MHz, 345...
Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB
Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans...
Meteor was the wiper used against Iran’s national railway system
The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought....
BlackMatter and Haron, two new ransomware gangs in the threat landscape
The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently,...
Microsoft provides more mitigation instructions for the PetitPotam attack
In a revision of KnowledgeBase article KB5005413, Microsoft has provided more elaborate mitigation instructions for the PetitPotam attacks that were...
Crimea “manifesto” deploys VBA Rat using double attack vectors
This blog post was authored by Hossein Jazi. On July 21, 2021, we identified a suspicious document named “Манифест.docx” (“Manifest.docx”)...
