A longtime threat group identified as TA558 has ramped up efforts to target the travel and hospitality industries. After a lull in activity, believed tied to COVID-related travel restrictions, the group has stepped up campaigns to exploit an uptick in travel and related airline and hotel bookings. Warnings come from security researchers who say TA558 cybercriminals have revamped their 2018 campaigns with fake reservation emails that deliver a malware payload.
Textile company Sferra Fine Linens on Friday announced that it has started notifying individuals of a cybersecurity incident involving their personal information. Founded in 1891, Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections, as well as decorative home accessories. Sferra has announced that it identified the incident on April 24, but that the threat actor had access to its servers for roughly two weeks prior to that.
Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers. When customers would deposit or purchase cryptocurrency via the ATM, the funds would instead be siphoned off by the hackers. General Bytes is the manufacturer of Bitcoin ATMs that, depending on the product, allow people to purchase or sell over 40 different cryptocurrencies.
Fake job offers have become a top phishing tactic for state-sponsored threat actors to lure in unsuspecting targets in the wake of the COVID-19 pandemic, as many reconsider their careers amid growing demand for skilled workers and managers. The cyber-threat analyst team at PwC, which has followed a prime example of this (the Lazarus Group's Operation In(ter)ception) closely, presented a detailed account of the Lazarus campaign and how the group implemented the strategy.
A researcher has conducted an analysis to see how major companies could track user activity through their mobile in-app browsers, and released a free and open source tool that allows anyone to check what code is being injected by such browsers. Some mobile applications use built-in browsers to allow users to quickly access third-party websites. Other apps include a browser to load their own resources, which may be needed to perform various activities.
Microsoft is a hot target for scammers and acts of fraud. For example, tech support scam websites cover themselves in Windows branding and messages. Phone scammers claim to be calling directly from Microsoft. If it's not a Bill Gates-themed lottery spam mail in your mailbox, it's a fake Excel spreadsheet laden with dangerous macros. Well, Microsoft is now issuing a warning related to a recent scam riding on the coattails of their branding.
The Federal Bureau of Investigation (FBI) has raised an alarm about cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against companies in the United States. Credential stuffing attacks, also called account cracking, involve trying to access online accounts using username and password combinations that come from existing data leaks or were purchased on dark web portals.
Password-protected ZIP archives are a common means of compressing and sharing sets of files, from sensitive documents to malware samples to even malicious files (i.e. phishing "invoices" in emails). But did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome when the ZIP is extracted? Arseniy Sharoglazov, a cybersecurity researcher at Positive Technologies, shared a simple experiment over the weekend.