Questions continue to swirl around a June 30 incident where an unknown individual put up for sale on a popular underground forum a staggering 23TB of personally identifiable information (PII), belonging to some 1 billion people in China. And, in the meantime, the database is continuing to cause ripples across the Dark Web. The dataset was reportedly accessed from an unsecured Shanghai police database hosted on Alibaba's cloud hosting platform. READ MORE...
Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims. The goal of the operation is to trick users into an opportunity for high-return investments and convince them to deposit a minimum amount of 250 EUR ($255) to sign up for the fake services. READ MORE...
Cybersleuths at Microsoft have found a link between the recent 'Raspberry Robin' USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by the U.S. government. According to fresh data from Redmond's threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targets into installing a loader for additional malware previously attributed to EvilCorp. READ MORE...
Over the past year, North Korean advanced persistent threat (APT) actor Kimsuky has been observed using a browser extension to steal content from victims' webmail accounts, threat intelligence and incident response company Volexity reports. Active since at least 2012 and also tracked as Black Banshee, Thallium, SharpTongue, and Velvet Chollima, Kimsuky is known for the targeting of entities in South Korea, but also some located in Europe and the United States. READ MORE...
Threat actors once again are using the node package manager (npm) repository to hide malware that can steal Discord tokens to monitor user sessions and steal data on the popular chat and collaboration platform, researchers have found. A campaign discovered this week by Kaspersky researchers is hiding an open-source token logger alongside a novel JavaScript malware in npm packages. READ MORE...
Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period. According to the cybersecurity and cloud services vendor, the height of the attack hit on July 21, when over a 14-hour period it peaked at 659.6 million packets per second (Mpps) and 853.7 gigabits per second (Gbps). READ MORE...