ATTACKER – NEW NORTH KOREAN THREAT GROUP TARGETING FINANCIAL INSTITUTIONS

FireEye researchers have just released details on a new threat group dubbed APT38, held accountable for the attempted heist of approximately $1.1 billion from financial institutions in different geographies. Also believed to have close ties to the North Korean regime and its illicit financially motivated activities, the threat actor appears to differ from the activity […]
VULNERABILITY – NEW APPLE iOS 12 SCREEN BYPASS DISCOVERED

It didn’t take long until a new lock screen flaw was found in Apple’s new iOS 12, released on 17 September 2018. Spanish researcher Jose Rodriguez published a YouTube video in Spanish detailing the steps of the quite complex passcode bypass. An English-language version of the same video was subsequently published on YouTube. […]
REMOTE ACCESS METHOD – REMCOS RAT

A new remote access tool, known as Remcos, has been seen rising in popularity over the last month and has been linked to several recent attacks. Remcos, which sells for €58-389 from the vendor Breaking Security, is a security tool advertised for “ethical hacking” and otherwise legal purposes. Remcos boasts the ability to monitor keystrokes, […]
TARGET – FACEBOOK DATA BREACH

Facebook has returned to the headlines for issues regarding user privacy and personal information exposure after an alleged attack on its network. The social media giant admitted at least 50 million users may have had their personal information compromised due to the attack, which has been touted as the largest breach in the company’s […]
TARGET – British Airways Credit Card Data Breach

On September 7th, it was publicly disclosed that 380,000 customer transactions processed by the British Airways website between August 21st and September 5th were compromised by attackers. The information believed to have been obtained included the name, email address, and credit card information for each transaction, including the credit card CVV code. Details […]
TARGET – 20,000 USERS FROM AIR CANADA’S MOBILE APP BREACHED

Air Canada is requesting a password reset of its entire 1.7 million user base for its mobile app. This was prompted by the detection of unusual login behavior between August 22nd and August 24th, leading to the suspicion that 20,000 user accounts held within the airline’s mobile app had been compromised. The information that may have […]
TARGET – Democratic National Committee Phishing Mix-up

On August 22nd, the Democratic National Committee made a press release stating that a cybersecurity service provider had alerted them to a phishing page that was stood up to target their Votebuilder website. The investigation was escalated to the FBI, and Russia was immediately suspected due to previous attack activity from 2016. A day later, […]
VULNERABILITY – New critical vulnerability impacting Apache Struts

A new Apache Struts remote code execution vulnerability, CVE-2018-11776, was recently discovered by security researchers. The root cause of the flaw was identified as a lack of input validation on the URL passed to the Struts framework, affecting all versions of Struts 2. The criticality of CVE-2018-11776 resides in the depth of its […]
ATTACKER – Dark Tequila banking campaign hits Mexico

An active malicious financial campaign dubbed “Dark Tequila”, heavily targeting Mexico since at least 2013, has recently been analyzed by Kaspersky Lab researchers. According to reports, the malware primarily aims at stealing sensitive information, including but not limited to financial data, login credentials to popular websites, domain registers and file storage accounts. Five operational […]
TARGET – Cosmos Global Bank Hack

Cosmos Bank, a co-operative bank based in India with a history of over 100 years, was hit with a globally coordinated attack between August 11th and August 13th. Attackers appeared to coordinate with what is suspected to be several individuals to siphon $13.4 million (Rs 94 crore). Although many details are not confirmed regarding the […]
METHOD – Business Email Compromise Statistics from FBI

Business email compromise (BEC) / email account compromise (EAC) is a scam where a combination of social engineering and computer intrusion techniques is used to obtain a transfer of funds from an organization. Lately, sophisticated / targeted social engineering and compromised email accounts have been used to conduct these attacks. According to the FBI, the […]
TARGET – GoDaddy information Exposed on Amazon AWS Cloud

Researchers at UpGuard recently discovered a data breach affecting GoDaddy, considered the world’s largest domain name registrar and web host by market share to date. The leaked information was found in June on a publicly accessible AWS S3 bucket named “abbottgodaddy” and referenced the company’s infrastructure running in the Amazon AWS cloud. The majority of the […]