The number of offers for network access, and their median prices, in public posts on hacker forums dropped in the final quarter of last year, but the statistics fail to reflect the real size of the initial access market. Data from threat intelligence firm Kela indicates that many of the deals actually closed behind closed doors, a trend that has taken shape over the past months. According to the company, over 240 offers to sell initial network access occurred in public conversations. READ MORE...
French health insurance company Mutuelle Nationale des Hospitaliers (MNH) has suffered a ransomware attack that has severely disrupted the company's operations, BleepingComputer has learned. MNH is the first mutual insurance company in France to provide health insurance services and plans focused on the health sector. The company's website is used by members to generate insurance quotes or to manage services and benefits. READ MORE...
Ten people have been arrested in connection with a series of SIM-swapping attacks that reaped more than $100 million by taking over the mobile phone accounts of high-profile individuals, authorities said on Wednesday. SIM-swapping is a crime that involves replacing a target's legitimate SIM card with one belonging to the attacker. The attacker then initiates password resets for accounts for email, cryptocurrency holdings, and other important resources. With control over the target's mobile phone. READ MORE...
TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. The TrickBot cybercrime gang has been increasingly distributing their newer and stealthier BazarBackdoor malware through spam campaigns. Once a computer becomes infected, BazarBackdoor is used to provide the threat actors remote access to the computer to spread laterally throughout a network. READ MORE...
A pro-India hacking group has been using two kinds of invasive Android surveillance software to spy on hundreds of victims' cell phones for years, according to Lookout research published Thursday. The malware, which the researchers have dubbed SunBird and Hornbill, is capable of exfiltrating several kinds of sensitive data, including text messages, call logs, contacts, the contents of encrypted messaging applications and target geolocation. The spyware also allows hackers to take pictures. READ MORE...
Thanks to cyberattacks making regular headlines in the news, it's no secret that massive data breaches are a significant threat to organizations. However, a report from F-Secure highlights the rarely-discussed impact these attacks can have on people and families using online services. According to the report, nearly 3 out of every 10 respondents to the survey experienced some type of cybercrime (such as malware/virus infections, unauthorized access to email or social media accounts, etc.) READ MORE...
An analysis of 30 popular mobile health (mHealth) applications has revealed that all of them expose the full patient records of millions of people. Research conducted by Alissa Knight, partner at marketing agency Knight Ink, on behalf of mobile API threat protection firm Approov showed that the applications are vulnerable to API attacks that unauthorized parties could leverage to access protected health information (PHI) and personally identifiable information (PII). READ MORE...
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number (ISN) generation, and could be exploited to mount limited DoS attacks against the vulnerable devices, to inject malicious data on a device, or to bypass authentication. The vulnerable TCP/IP stacks: "TCP is a connection-oriented networking protocol that allows two endpoints to exchange data." READ MORE...