A massive operation that has reportedly siphoned millions of USD from credit cards since its launch in 2019 has been exposed and is considered responsible for losses affecting tens of thousands of victims. The site operators, thought to originate from Russia, operate an extensive network of bogus dating and customer support websites and use them to charge credit cards bought on the dark web.
During a recent investigation of a series of cyber intrusions into an unnamed high-value target, threat intelligence researchers with SentinelOne's SentinelLabs team discovered nearly 10 hacking groups associated with China and Iran. This isn't necessarily new when dealing with significant targets, sometimes referred to as a "magnet of threats" in cybersecurity, as they attract and host multiple hacking efforts simultaneously.
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. In Firefox 105, a total of seven vulnerabilities were patched, three of which received the security risk rating "high". In Thunderbird, three security vulnerabilities were patched, one of them with the risk rating "high".
One problem with running a ransomware operation along the lines of a regular business is that disgruntled employees may want to sabotage the operation over some perceived injustice. That appears to have been the case with the operators of the prolific LockBit ransomware-as-a-service operation this week when an apparently peeved developer publicly released the encryptor code for the latest version of the malware - LockBit 3.0 aka LockBit Black - to GitHub.
Earlier this year, the International Organization for Migration reported that more than 3 million refugees fleeing war-torn Ukraine were "at heightened risk of exploitation." Human trafficking cases, they warned, involved refugees more likely to leave home suddenly without secure financial resources and "less likely to be identified in the immediate aftermath of mass displacement."
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites. Magento is an open-source e-commerce platform owned by Adobe, used by approximately 170,000 online shopping websites worldwide. The CVE-2022-24086 vulnerability was discovered and patched in February 2022, when threat actors were already exploiting it in the wild.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities (KEV) Catalog. The details of in-the-wild exploitation of the flaw aren't available - though, according to data collected by Greynoise, exploitation attempts don't seem widespread.
The US FDA (Food and Drug Administration) has warned users of Medtronic's MiniMed 600 Series Insulin Pump System - specifically, models for MiniMed 630G and MiniMed 670G - that their medical devices have a cybersecurity issue with their communication protocol. If compromised, attackers could gain unauthorized access to the pump system itself, and alter it to deliver too much or too little insulin to the patient.