News

Microsoft has seized a number of malicious sites which were targeting organisations based in 29  countries worldwide. The sites were used by the Nickle hacking group. Nickle is a China-based group also tracked as Playful Dragon, Royal APT, APT15, KE3CHANG and Vixen Panda. The group compromised serves belonging to diplomatic entities, government organisations and NGOs based in 29 countries, but mainly organizations from Latin America and Europe. Microsoft's Digital Crimes Unit (DCU) spotted the group...

Fraudsters use bots to monitor Tweets requesting support to MetaMask, TrustWallet, and other crypto wallets to respond with scams within seconds, BleepingComputer reports. To launch these targeted attacks, scammers monitor all public Tweets fro specific keywords and phrases, such as "support", "assistance" and "help", paired with "MetaMask", "Phantom", "Yoro" and "TrustWallet". Twitter bots are used to respond to these Tweets automatically, posing as a fake customer service representative offering a malicious link that steals the...

Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a "computer virus". It has now been confirmed that they were, in fact, hit by Conti ransomware, which has affected the hotel's guest reservation and room key card systems. Fortunately, there is no indications that passwords or payment information was affected or accessed, however guest booking information was potentially leaked. As a result of the attack, hotel...

Some of the world’s largest companies have exposed large amounts of sensitive information from the cloud, researchers said – thanks to misconfigured Kafdrop services. Kafdrop is the management interface for Apache Kafka, an open-source, cloud-native platform for managing data streams. Kafka has several common use cases; for instance, in the finance sector it’s often used for real-time data processing in order to catch and block fraudulent transactions as they occur. It the internet of things...

A phishing email suggesting that people can order a PCR test specific to the new Omicron COVID-19 variant has been found doing the rounds in the UK. It purports to be from the NHS and directs unsuspecting victims to a website that asks for their full name, DOB, home address, mobile number and email. It also asks for a small payment of £1.24 to cover the delivery and test result costs.   Alarmingly, it also...

The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors, an alert posted last Thursday by the agency stated. "Cuba ransomware is distributed through Hancitor malware, a loader known for dropping or executing stealers, such as Remote Access Trojans (RATs) and other types of ransomware, onto victims’...

BitMart, a trusted cryptocurrency trading platform has been the latest to suffer a breach, resulting in the loss of approximately $150 million. The hack was confirmed on Saturday, when BitMart confirmed in a statement that hackers had withdrawn a large amount in assets. The company added that withdrawals had been temporarily suspended and that a security review was underway. The hackers stole more than 20 tokens, including binance coin, safemoon, and shiba inu. It is...

Researchers from Niederrhein University and Ruhr-Universität Bochum (RUB) have discovered 14 new cross-site data leaks (XS-Leaks) attacks targetting a wide range of modern web browsers. The browsers affected include Microsoft Edge, Google Chrome, Opera, Apple Safari, Tor Browser, and Mozilla Firefox among many others. The researchers discovered the leaks by testing how well 56 browsers and operating systems were protected against 34 XS-Leaks. The researchers' website, XSinator.com, scanned the browsers for leaks and found that...

US military's hacking unit, Cyber Command, has taken offensive action to disrupt cybercriminal groups that have launched ransomware attacks on US companies, a spokesperson for the command confirmed to CNN Sunday.  

Security researchers tested nine popular WiFi routers and found they are riddled with vulnerabilities - even when running the latest firmware. In the nine models tested, a total of 226 vulnerabilities were found, the TP-Link Archer AX6000 and the Synology RT-2600ac resulting the most insecure, with 32 and 30 flaws, respectively. Conducted by IoT Inspector for the publication CHIP, the analysis found that in the most common vulnerabilities were: Outdated Linux kernel in the firmware...