
IT Security Newsletter - 2/19/2025


Top News

Krebs: How Phished Data Turns into Apple & Google Wallets

Carding - the underground business of stealing, selling and swiping stolen payment card data - has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. READ MORE...


Phishing campaign targets Microsoft device-code authentication flows

Russia-backed threat actors have attacked a wide range of organizations in a device-code phishing campaign that has been active since at least August of 2024. Microsoft Threat Intelligence warned in a blog post Thursday that a Russia-linked threat group it tracks as Storm-2372 is using a specific phishing technique that games the device-code authentication flows for applications in order to capture tokens, which the attackers then use to gain access to targeted accounts. READ MORE...
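The device-code grant (RFC 8628) is designed for clients that cannot show a browser: the client asks the identity provider for a short user code, the user types that code into the provider's genuine sign-in page, and the client then polls for tokens. The phishing variant works because the user never sees a malicious URL, only a code that belongs to the attacker's session. The following is an added in-memory simulation (not the newsletter's, Microsoft's or Storm-2372's code) that walks both sides of the exchange; the endpoint URL, client ID, code lifetime, account names and the `block_device_code` policy switch are assumptions.

```python
"""Added example: in-memory simulation of the OAuth 2.0 device authorization
grant (RFC 8628) and of device-code phishing against it. Endpoint URL,
client_id, code lifetime, account names and the policy switch are assumed."""
import secrets
import time


class DeviceAuthServer:
    """Minimal authorization server implementing the three RFC 8628 steps.
    `block_device_code` stands in for a Conditional Access-style policy that
    refuses the device code grant for the tenant (assumed control)."""

    def __init__(self, lifetime=900, block_device_code=False, clock=time.time):
        self.lifetime = lifetime                    # user code validity in seconds (assumed)
        self.block_device_code = block_device_code
        self.clock = clock                          # injectable so expiry can be exercised
        self._sessions = {}                         # device_code -> session state

    def device_authorization(self, client_id, scope):
        """Step 1: the CLIENT requests a device_code/user_code pair. No user is
        involved yet, so an attacker can run this step from their own machine."""
        if self.block_device_code:
            return {"error": "access_denied"}
        device_code = secrets.token_urlsafe(32)
        user_code = "-".join(secrets.token_hex(2).upper() for _ in range(2))  # e.g. 3F0A-9C1D
        self._sessions[device_code] = {
            "client_id": client_id, "scope": scope, "user_code": user_code,
            "expires_at": self.clock() + self.lifetime, "approved_by": None,
        }
        return {"device_code": device_code, "user_code": user_code,
                "verification_uri": "https://login.example/device",  # assumed URL
                "expires_in": self.lifetime, "interval": 5}

    def user_approve(self, user_code, username):
        """Step 2: a signed-in USER types the code on the genuine verification
        page. The page is legitimate, so URL inspection does not help; the only
        binding is the code, and whoever holds the matching device_code wins."""
        for s in self._sessions.values():
            if s["user_code"] == user_code and self.clock() < s["expires_at"]:
                s["approved_by"] = username
                return True
        return False

    def token(self, device_code):
        """Step 3: the CLIENT polls the token endpoint with its device_code."""
        s = self._sessions.get(device_code)
        if s is None:
            return {"error": "invalid_grant"}
        if self.clock() >= s["expires_at"]:
            return {"error": "expired_token"}
        if s["approved_by"] is None:
            return {"error": "authorization_pending"}
        return {"access_token": f"at-{s['approved_by']}-{s['scope']}",
                "refresh_token": f"rt-{s['approved_by']}",
                "subject": s["approved_by"]}


def phish(server, victim, victim_enters_code=True):
    """Attacker runs step 1, lures the victim through step 2, then does step 3.
    Returns (lure_text, token_response)."""
    start = server.device_authorization(client_id="attacker-registered-app", scope="mail.read")
    if "error" in start:
        return None, start
    # Constructed lure: a real verification_uri plus the ATTACKER's user_code.
    lure = (f"Join the meeting: open {start['verification_uri']} "
            f"and enter code {start['user_code']} within {start['expires_in'] // 60} minutes")
    if victim_enters_code:
        server.user_approve(start["user_code"], victim)
    # The attacker polls; tokens come back bound to the victim, not the attacker.
    return lure, server.token(start["device_code"])


if __name__ == "__main__":
    lure, resp = phish(DeviceAuthServer(), "alice@corp.example")
    print(lure)
    print(resp)  # access/refresh tokens whose subject is alice@corp.example
```

Two things the simulation makes visible: the code's lifetime forces the attacker to time the lure so the victim acts before `expires_at`, and the same server with `block_device_code=True` returns `access_denied` at step 1, so a policy that refuses the device code grant for users who have no legitimate need of it stops the campaign before any lure is sent.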

Hacking

North Korea's Kimsuky Taps Trusted Platforms to Attack South Korea

North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along with improved operational security. The threat group used fake work logs, insurance documents, and crypto-related files to convince users to download and run a zipped shortcut file that gathers system configuration information. READ MORE...


How Hackers Manipulate Agentic AI with Prompt Engineering

The era of "agentic" artificial intelligence has arrived, and businesses can no longer afford to overlook its transformative potential. AI agents operate independently, making decisions and taking actions based on their programming. Gartner predicts that by 2028, 15% of day-to-day business decisions will be made completely autonomously by AI agents. However, as these systems become more widely accepted, their integration into critical operations makes them appealing targets for cybercrime. READ MORE...

Trends

Edge device vulnerabilities fueled attack sprees in 2024

Edge devices harboring zero-day and n-day vulnerabilities were linked to the most consequential attack campaigns last year, Darktrace said in an annual threat report released Wednesday. Darktrace's threat researchers found the most frequent vulnerability exploits in customers' instances of Ivanti Connect Secure and Ivanti Policy Secure appliances, along with firewall products from Fortinet and Palo Alto Networks. READ MORE...

Software Updates

FreSSH bugs undiscovered for years threaten OpenSSH security

Researchers have disclosed two new vulnerabilities in OpenSSH now that patches have been released. Qualys discovered the bugs in January, per its disclosure timeline. The vulnerabilities allow attackers to perform machine-in-the-middle (MitM) attacks against the OpenSSH client and pre-authentication denial-of-service (DoS) attacks. Patches for CVE-2025-26465 and CVE-2025-26466 were released this morning. READ MORE...
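Both CVEs are fixed in OpenSSH 9.9p2. CVE-2025-26465 only bites a client that has `VerifyHostKeyDNS` set to `yes` or `ask` (it is off by default upstream, though some distributions ship it enabled), while CVE-2025-26466 affects any unpatched client or server. The following is an added example, not Qualys's or the OpenSSH project's code, that assesses a client the way a practitioner would: parse the `ssh -V` banner and resolve `VerifyHostKeyDNS` per destination host from an ssh_config using ssh(1)'s rule that the first obtained value wins. The sample config and version banners are constructed, and `Match` blocks are treated as never matching, which is a simplification.

```python
"""Added example (not from the newsletter, Qualys or OpenSSH): assess an ssh
client's exposure to CVE-2025-26465 (MitM, needs VerifyHostKeyDNS yes/ask on
an unpatched client) and CVE-2025-26466 (pre-auth DoS, any unpatched build).
Sample config and version banners below are constructed."""
import fnmatch
import re

FIXED_VERSION = (9, 9, 2)   # OpenSSH 9.9p2 is the first release with both fixes


def parse_openssh_version(banner):
    """Turn `ssh -V` output like 'OpenSSH_9.9p1, OpenSSL 3.0.13 30 Jan 2024'
    into a comparable (major, minor, portable-patch) tuple, or None."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?", banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def version_is_patched(banner):
    v = parse_openssh_version(banner)
    return v is not None and v >= FIXED_VERSION


def effective_option(config_text, option, host, default):
    """Resolve one ssh_config option for `host` the way ssh(1) does: keywords
    are case-insensitive, `Key value` and `Key=value` are both accepted, Host
    blocks select by glob (a matching negated `!pattern` disables the block),
    and the FIRST obtained value wins. Simplification: Match blocks are
    treated as never matching."""
    active = True                       # options before any Host/Match apply everywhere
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"(\S+?)\s*(?:=|\s)\s*(.*)$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            pats = value.split()
            pos = [p for p in pats if not p.startswith("!")]
            neg = [p[1:] for p in pats if p.startswith("!")]
            active = (any(fnmatch.fnmatchcase(host, p) for p in pos)
                      and not any(fnmatch.fnmatchcase(host, n) for n in neg))
        elif key == "match":
            active = False
        elif active and key == option.lower():
            return value.lower()        # first match wins; later blocks cannot override
    return default


def assess_client(config_text, host, version_banner):
    """Summarise exposure for one destination host."""
    patched = version_is_patched(version_banner)
    dns = effective_option(config_text, "VerifyHostKeyDNS", host, "no")
    return {
        "patched": patched,
        "verify_host_key_dns": dns,
        "cve_2025_26465": (not patched) and dns in ("yes", "ask"),
        "cve_2025_26466": not patched,
    }


# Constructed sample ~/.ssh/config for the demonstration.
SAMPLE_CONFIG = """
# SSHFP records in DNS are trusted only for the bastion
Host bastion.corp.example
    VerifyHostKeyDNS yes
Host *.lab.example !evil.lab.example
    VerifyHostKeyDNS=ask
Host *
    VerifyHostKeyDNS no
"""

if __name__ == "__main__":
    for h in ("bastion.corp.example", "box.lab.example", "github.com"):
        print(h, assess_client(SAMPLE_CONFIG, h, "OpenSSH_9.9p1, OpenSSL 3.0.13 30 Jan 2024"))
```

On a real machine the authoritative answers come from the client itself: `ssh -V` prints the version banner, and `ssh -G <host> | grep -i verifyhostkeydns` prints the value ssh actually resolved for that host, Match blocks included, which is the number to compare against the parser above.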

Malware

Cracked Garry's Mod, BeamNG.drive games infect gamers with miners

A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry's Mod, BeamNG.drive, and Dyson Sphere Program. These titles are top-rated games with hundreds of thousands of 'overwhelmingly positive' reviews on Steam, making them good targets for malicious activity. It's worth noting that a laced BeamNG mod was reportedly used as the initial access vector for a hack at Disney in June 2024. READ MORE...

Information Security

Hard drives containing sensitive medical data found in flea market

Somebody bought a batch of 15 GB hard drives at a flea market and, during a routine check of their contents, found medical data on hundreds of patients. Further investigation in the Netherlands traced the data to a software provider for the medical sector that had gone bankrupt. Under Dutch law, storage media holding medical data must be professionally erased, with certification. READ MORE...

Exploits/Vulnerabilities

Xerox Printer Vulnerabilities Enable Credential Capture

A popular small to midrange Xerox business printer contains two now-patched vulnerabilities in its firmware that allow attackers an opportunity to gain full access to an organization's Windows environment. The vulnerabilities affect firmware version 57.69.91 and earlier in Xerox VersaLink C7025 multifunction printers (MFPs). Both flaws enable what are known as pass-back attacks, a class of attacks that essentially allow a bad actor to capture user credentials. READ MORE...


Attackers are chaining flaws to breach Palo Alto Networks firewalls

Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks' firewalls, are ramping up. "GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13," the threat intelligence company shared on Tuesday. "This high-severity flaw allows unauthenticated attackers to execute specific PHP scripts, potentially leading to unauthorized access to vulnerable systems." READ MORE...


Russian phishing campaigns exploit Signal's device-linking feature

Russian threat actors have been launching phishing campaigns that exploit the legitimate "Linked Devices" feature in the Signal messaging app to gain unauthorized access to accounts of interest. Over the past year, researchers observed phishing operations attributed to Russian state-aligned groups that used multiple methods to trick targets into linking their Signal account to a device controlled by the attacker. READ MORE...

On This Date

  • ...in 1807, former Vice President of the United States Aaron Burr is arrested for treason, after attempting to form his own country from part of the Louisiana Purchase.
  • ...in 1878, Thomas Edison patents the first phonograph, which recorded onto a sheet of tinfoil wrapped around a cylinder.
  • ...in 1924, actor Lee Marvin ("The Dirty Dozen", "Cat Ballou") is born in New York City.
  • ...in 1943, author and former NASA engineer Homer Hickam, known for his memoir "Rocket Boys", is born in Coalwood, WV.