The dark web is awash with stolen single sign-on credentials, including credentials belonging to half of the top 20 largest public companies, research from BitSight found. More than 25% of the entire S&P 500 have had stolen credentials appear online.
Alberto Carvalho is confronting a major ransomware attack just eight months after he joined the Los Angeles Unified School District as superintendent. Late Tuesday, two weeks after LAUSD publicly disclosed the attack, Carvalho confirmed a ransom demand was made by the group that breached the district's systems. He remained tight-lipped about the amount demanded and what information the ransomware group claims to have stolen from the country's second-largest school system.
There have been some smart phishing campaigns running over the last few weeks, and this one is particularly sneaky. Bleeping Computer reports that a phishing page is targeting Greek taxpayers with a tax refund scam. The added sting in the tail comes in the form of an embedded keylogger which grabs everything entered onto the page. The phishing mails rely on that time-honoured tradition of bogus tax returns and non-existent refunds.
The record-vying distributed denial-of-service attacks keep coming, with two mitigation services reporting they encountered some of the biggest data bombardments ever by threat actors whose tactics and techniques are constantly evolving. On Monday, Imperva said it defended a customer against an attack that lasted more than four hours and peaked at more than 3.9 million requests per second (RPS).
The BlackCat ransomware (aka ALPHV) isn't showing any signs of slowing down, and the latest example of its evolution is a new version of the gang's data exfiltration tool used for double-extortion attacks. BlackCat is considered a successor to Darkside and BlackMatter and is one of the most sophisticated and technically advanced Ransomware-as-a-service (RaaS) operations.
While NSO Group's Pegasus spyware is perhaps the highest-profile surveillance weapon used by repressive governments against civil society, a recently discovered, powerful mobile reconnaissance malware dubbed Hermit has come to light, being touted by an Italian developer as a "lawful intercept" tool. So far, Lookout has observed the Hermit spyware being used by the government of Kazakhstan after the violent suppression of protests with the help of Russian armed forces, and elsewhere.
The United States Attorney for the Southern District of New York has sentenced Ariel "Melo" Jimenez (38) to 12 years in prison for leading a "tax fraud and identity theft conspiracy" that resulted in the fraudulent claiming of tax credits, earning him millions of dollars. "Ariel Jimenez was the leader of a long-running fraudulent tax business that cheated the Government of tax refunds by stealing the identities of vulnerable children," said US Attorney General Damian Williams in a press release.
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead to code execution. Disclosed in 2007 and tagged as CVE-2007-4559, the security issue never received a patch, the only mitigation provided being a documentation update warning developers about the risk.
Cloud security company Wiz has published information on an Oracle Cloud Infrastructure (OCI) vulnerability allowing attackers to modify users' storage volumes without authorization. Referred to as #AttachMe and mentioned in Oracle's July 2022 Critical Patch Update, the vulnerability could have exposed sensitive data to attackers knowing the victim's Oracle Cloud Identifier (OCID).