The popular LottieFiles Lotti-Player project was compromised in a supply chain attack to inject a crypto drainer into websites using the library that steals visitors’ cryptocurrency. […]
Interbank confirms data breach following failed extortion, data leak
Interbank, one of Peru’s leading financial institutions, has confirmed a data breach after a threat actor who hacked into its systems leaked stolen data online. […]
Microsoft Entra “security defaults” to make MFA setup mandatory
Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory. […]
QNAP patches second zero-day exploited at Pwn2Own to get root
QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. […]
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as ‘Andariel’ has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. […]
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations.
The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt, Onyx Sleet (formerly Plutonium), Operation Troy,
The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt, Onyx Sleet (formerly Plutonium), Operation Troy,
Data Loss Prevention Startup MIND Emerges From Stealth With $11M in Funding
MIND has emerged from stealth mode with a data loss prevention (DLP) solution and $11 million in seed funding.
The post Data Loss Prevention Startup MIND Emerges From Stealth With $11M in Funding appeared first on SecurityWeek.
Android malware “FakeCall” now reroutes bank calls to attackers
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker’s phone number instead. […]
Hackers steal 15,000 cloud credentials from exposed Git config files
A global large-scale dubbed “EmeraldWhale” exploited misconfigured Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. […]
FBI: Upcoming U.S. general election fuel multiple fraud schemes
The Federal Bureau of Investigation (FBI) is warning of multiple schemes taking advantage of the upcoming U.S. general election to scam people out of their money or personal data. […]