cyberveille.decio.ch

cyberveille.decio.ch

7248 bookmarks
Custom sorting
'Got that boomer!': How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts | TechCrunch
'Got that boomer!': How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts | TechCrunch
The incoming phone call flashes on a victim’s phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercriminals the ability to hijack their online accounts or drain their crypto and digital wallets. “This is the PayPal security team here. We’ve detected some unusual activity on your account and are calling you as a precautionary measure,” the caller’s robotic voice says. “Please enter the six-digit security code that we’ve sent to your mobile device.”
·techcrunch.com·
'Got that boomer!': How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts | TechCrunch
QNAPping At The Wheel (CVE-2024-27130 and friends)
QNAPping At The Wheel (CVE-2024-27130 and friends)
Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with products intended to manage - and safeguard - this precious resource.
·labs.watchtowr.com·
QNAPping At The Wheel (CVE-2024-27130 and friends)
Andrew Tate’s The Real World exposes 22M user messages
Andrew Tate’s The Real World exposes 22M user messages
The Real World, a learning platform from the controversial social media personality Andrew Tate, has leaked nearly a million users and over 22 million messages. Hundreds of thousands of exposed users, millions of messages, and session tokens – that’s the reality that The Real World finds itself in. The Cybernews research team has uncovered an exposed MongoDB instance with 88GB from one of The Real World’s servers.
·cybernews.com·
Andrew Tate’s The Real World exposes 22M user messages
Exclusive: Flutterwave loses ₦11 billion in security breach
Exclusive: Flutterwave loses ₦11 billion in security breach
One month after obtaining a court order to recover $24 million lost to unauthorised POS transactions, Flutterwave suffered another security breach that allowed unknown persons to divert billions of naira to several bank accounts. The perpetrators illegally transferred ₦11 billion ($7 million) to several accounts in April 2024, one financial services insider with direct knowledge of the incident said. A second insider claimed the amount involved was at least ₦20 billion ($13.5 million).
·techcabal.com·
Exclusive: Flutterwave loses ₦11 billion in security breach
Arup revealed as victim of $25 million deepfake scam involving Hong Kong employee | CNN Business
Arup revealed as victim of $25 million deepfake scam involving Hong Kong employee | CNN Business
A British multinational design and engineering company behind world-famous buildings such as the Sydney Opera House has confirmed that it was the target of a deepfake scam that led to one of its Hong Kong employees paying out $25 million to fraudsters. A spokesperson for London-based Arup told CNN on Friday that it notified Hong Kong police in January about the fraud incident, and confirmed that fake voices and images were used. “Unfortunately, we can’t go into details at this stage as the incident is still the subject of an ongoing investigation. However, we can confirm that fake voices and images were used,” the spokesperson said in an emailed statement.
·edition.cnn.com·
Arup revealed as victim of $25 million deepfake scam involving Hong Kong employee | CNN Business
Investigation into Helsinki Education Division data breach proceeds | City of Helsinki
Investigation into Helsinki Education Division data breach proceeds | City of Helsinki
On 2 May 2024, the City of Helsinki issued a notice of a data breach targeted at its Education Division. Investigation into the data breach proceeds through a cooperative effort by the City´s own and external experts. On Monday, 13 May 2024, the City of Helsinki held a press conference on the progress of this investigation.
·hel.fi·
Investigation into Helsinki Education Division data breach proceeds | City of Helsinki
N. Korean hacking group stole massive amount of personal info from S. Korean court computer network
N. Korean hacking group stole massive amount of personal info from S. Korean court computer network
A North Korean hacking group had stolen a massive amount of personal information from a South Korean court computer network, probe results showed on Saturday. A total of 1,014 gigabytes worth of data and documents were leaked from Seoul's court computer network between January 2021 and February 2023 by the hacking group, presumed to be Lazarus, according to the joint probe by the police, the prosecution and the National Intelligence Service.
·m-en.yna.co.kr·
N. Korean hacking group stole massive amount of personal info from S. Korean court computer network
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.
·bleepingcomputer.com·
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
Leveraging DNS Tunneling for Tracking and Scanning
Leveraging DNS Tunneling for Tracking and Scanning
This article presents a case study on new applications of domain name system (DNS) tunneling we have found in the wild. These techniques expand beyond DNS tunneling only for command and control (C2) and virtual private network (VPN) purposes. Malicious actors occasionally employ DNS tunneling as a covert communications channel, because it can bypass conventional network firewalls. This allows C2 traffic and data exfiltration that can remain hidden from some traditional detection methods.
·unit42.paloaltonetworks.com·
Leveraging DNS Tunneling for Tracking and Scanning
Malicious Go Binary Delivered via Steganography in PyPI
Malicious Go Binary Delivered via Steganography in PyPI
On May 10, 2024, Phylum’s automated risk detection platform alerted us to a suspicious publication on PyPI. The package was called requests-darwin-lite and appeared to be a fork of the ever-popular requests package with a few key differences, most notably the inclusion of a malicious Go binary packed into
·blog.phylum.io·
Malicious Go Binary Delivered via Steganography in PyPI
Distribution of DanaBot Malware via Word Files Detected by AhnLab EDR
Distribution of DanaBot Malware via Word Files Detected by AhnLab EDR
There are two types of malicious documents that are distributed via email recently: those exploiting equation editor and those including external link URLs. This post will describe the infection flow of the DanaBot malware that is distributed through documents containing external links, the latter method, as well as the evidence and detection process with the AhnLab EDR product’s diagram. Figure 1 shows the content of a spam email with a Word document attached that contains an external link. As you can see, it is a sophisticatedly disguised email pretending to be a job application form to deceive the recipient. The attached file (.docx) is a Word document that contains an external link.
·asec.ahnlab.com·
Distribution of DanaBot Malware via Word Files Detected by AhnLab EDR
Europol confirms web portal breach, says no operational data stolen
Europol confirms web portal breach, says no operational data stolen
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. #Breach #Computer #Data #EPE #Europol #InfoSec #Leak #Security #Theft
·bleepingcomputer.com·
Europol confirms web portal breach, says no operational data stolen