A new phishing campaign can bypass multi-factor authentication (MFA) on Office 365 to access victims' data stored on the cloud and use it to extort a Bitcoin ransom or even find new victims to target, security researchers have found. Researchers at Cofense Phishing Defense Center discovered the tactic, which leverages the OAuth2 framework and OpenID Connect (OIDC) protocol and uses a malicious SharePoint link to trick users into granting permissions to a rogue application. READ MORE...
Budget British airline Easyjet has been hacked, it has told the stock markets, admitting nine million people's details were accessed and more than 2,000 customers' credit card details stolen. Some information about the attack was released to the London Stock Exchange by the company, which claimed it had been targeted by "a highly sophisticated source". READ MORE...
Taiwanese authorities have suggested that Chinese hackers were behind a ransomware attack against Taiwan's state oil company, an aggressive assault on one of the island nation's strategic assets. Data left behind in the attack, such as a configuration file and domain name, point to the involvement of a group known as Winnti, or something "closely related" to it, Taiwan's Ministry of Justice said in a statement Friday. READ MORE...
A cybercriminal gang have been arrested for spreading the Locky ransomware among hospitals, among other crimes. In an operation spearheaded by Romania's law enforcement department, four people have been taken into custody after their houses were raided - three in Romania and one in neighboring Moldova. Prosecutors at the Directorate for Investigating Organized Crime and Terrorism (DIICOT) are charging the group with illegal operations with computer devices and programs. READ MORE...
A new Node.js based remote access trojan and password-stealing malware is being distributed through malicious emails pretending to be from the U.S. Department of the Treasury. This new spam campaign was discovered by Abuse.ch that says payment for a government contract was not paid due to incorrect banking information. The email then prompts the user to examine the document for any mistakes, as if they do not hear back, the money will be used of the government's Coronavirus disaster relief. READ MORE...
ZDNet reports that the FBI has issued a "flash alert" warning that hackers are planting Magecart-style payment card-skimming code on Magento-powered online stores running an out-of-date plugin. According to the alert, cybercriminals were able to infect an unnamed US ecommerce website with a Javascript code that could steal payment card data and personal information entered by shoppers as they attempted to purchase items. READ MORE...
Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne'er-do-wells to liberate or else seize control over already-hacked systems. Here's a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web's top cybercriminals. READ MORE...
Vishing is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements: they involve automated voice simulation technology, for instance, or the scammer may use personal information about the victim harvested from earlier cyberattacks to put them at ease. READ MORE...