Cyber Bites

Yesterday, data breach notification website Leakbase said someone allegedly hacked the Swachhata Platform in India and stole 16 million user records. Security researchers at CloudSEK , reported the news as they discovered a post by Leakbase sharing data samples containing personally identifiable information (PII), including email addresses, hashed passwords and user IDs. Earlier this week, an advisory published by CloudSEK reported that 6GB of compromised data from the  Swachhata Platform – an initiative in association...

Earlier this week, researchers at security firm Cisco Talos discovered a malicious campaign in August 2022 that relied on modularized attack techniques to deliver Cobalt Strike beacons and used them in follow–on attacks. It was reported that the company published a new advisory about the campaign on Wednesday saying the threat actors behind it used a phishing email impersonating either a government organization in the US or a trade union in New Zealand with a malicious...

Optus, an Australian telecoms provider, has become the latest high-profile victim of a data breach - with the alleged attacker demanding payment to buy back millions of customer records, having already made 10,000 public online.  In the most recent developments, the attacker has now rescinded threats and deleted them from a data breach website. However, it does not change the fact that someone was able to access these customer records, including names, dates of birth,...

Towards the end of last week, the City of London Police on Friday revealed that it has arrested a 17-year-old teenager from Oxfordshire on suspicion of hacking. "On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking," the agency said, adding "he remains in police custody." A statement from the department said the arrest was made as part of an investigation in partnership with...

On Friday last week, Ukrainian law enforcement authorities disclosed that it had "neutralized" a hacking group operating from the city of Lviv that it said acted on behalf of Russian interests. Reports show that the group specialized in the sales of 30 million accounts belonging to citizens from Ukraine and the European Union on the dark web and netted a profit of $372,000 (14 million UAH) through electronic payment systems like YooMoney, Qiwi, and WebMoney...

Earlier today reports of an SMS-based phishing campaign were announced, targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application. According to the Microsoft 365 Defender Research Team, the messages contain links that redirect users to a sketchy website that triggers the download of the fake banking rewards app for ICICI Bank. "The malware's RAT capabilities allow the attacker to intercept important device notifications such as incoming messages, an apparent effort...

Yesterday Twitter announced that they had remediated an issue that allowed accounts to stay logged in across multiple devices even after a voluntary password reset. In an update earlier this week, the social media company explained that the bug meant users who proactively changed their passwords on one device may have still been able to access open sessions on other screens. It is important to note that users who choose password resets voluntarily may be...

Earlier today, American Airlines became the latest big-name brand to announce a data breach, after an unauthorized actor compromised employee inboxes. A statement released from the aerospace giant confirmed that the source of the incident was a phishing attack which “led to the unauthorized access to a limited number of team-member mailboxes.” The airline explained that “a very small number of customers’ and employees’ personal information” was contained in the accessed emails, suggesting that its attackers...

Earlier this week, it was reported that the Zoom video conference platform was down and experienced an outage preventing users from logging in or joining meetings. An incident posted on Zoom's service status page, revealed that the company confirmed issues starting and joining meetings and video sessions. "We are investigating reports of zoom.us being unavailable. Our teams are currently investigating the service-impacting event. Our engineers are investigating," the company explained. "We have identified the issue starting...

It has been predicted that cryptocurrency scams are set to explode after researchers reported a triple-digit increase in registered domains in the first half of 2022, compared to the whole of last year. Cyber security service provider, Group-IB said that they had detected over 2000 domains registered to be used as fake promotion websites in the first half of this year, revealing a 335% increase on the number recorded in 2021. Hence showing a five-fold increase...