InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online - using a new account under the assumed identity of a financial industry CEO. READ MORE...
Australia's TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers. The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG. On Wednesday, the company announced that unauthorized access to a hosted Exchange service was identified during a forensic review. READ MORE...
Federal prosecutors on Wednesday charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. The sites promoted themselves as booter or stressor services designed to test the bandwidth and performance of customers' networks. READ MORE...
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. The attackers used malicious standalone JavaScript files to exploit the CVE-2022-44698 zero-day to bypass Mark-of-the-Web security warnings displayed by Windows to alert users that files originating from the Internet should be treated with caution. READ MORE...
An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets - including politicians, government officials, critical infrastructure and medical researchers - according to email security vendor Proofpoint. Over the past two years, the threat actor group that Proofpoint's researchers track as TA453 has branched out from its usual victims. READ MORE...