February 2, 2025

Casio UK online store hacked to steal customer credit cards

Casio Computer Co., Ltd., a globally recognized manufacturer of electronic products, confirmed that its UK online store was the target of a sophisticated cyberattack aimed at stealing customer payment information. The breach, which specifically affected the e-commerce segment of Casio’s UK operations, raised serious concerns about the security of online retail platforms and the safety of consumer financial data.According to […]
January 30, 2025

Russian ransomware hackers increasingly posing as tech support on Microsoft Teams

Cybersecurity authorities and major technology firms reported a significant surge in cyberattacks orchestrated by Russian-speaking ransomware groups exploiting Microsoft Teams to impersonate technical support staff. These threat actors have adopted increasingly sophisticated social engineering tactics, targeting employees of organizations through fake support messages delivered via Microsoft Teams, a platform widely used for internal business communication.According to intelligence shared by Microsoft […]
December 25, 2024

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware

The threat actor identified as UAC-0099 has been associated with ongoing cyberattacks targeting Ukraine, some of which exploit a critical vulnerability in WinRAR to deploy a malware variant known as LONEPAGE. According to cybersecurity firm Deep Instinct, “The threat actor primarily focuses on Ukrainian employees working for foreign companies.” This observation was made in a report published on Thursday. UAC-0099 […]
December 15, 2024

Over 25,000 SonicWall VPN Firewalls exposed to critical flaws

A recent analysis by cybersecurity firm Bishop Fox uncovered that over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical security flaws, with 20,000 running outdated SonicOS/OSX firmware that is no longer supported by the vendor. The study identified a total of 430,363 publicly exposed SonicWall firewalls, significantly expanding the potential attack surface for cyber threats. Many of these […]
December 5, 2024

Key electricity distributor in Romania warns of ‘cyber attack in progress’

A leading energy services company in Romania has confirmed that it is currently dealing with an ongoing cyberattack. Electrica Group, a company listed on both the Bucharest and London stock exchanges that supplies electricity to over 3.8 million customers in Romania, stated to investors on Monday, alerting them to a “cyber attack in progress.”According to the company’s CEO, Alexandru Chirita, […]
November 20, 2024

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Cybercriminals are taking advantage of poorly configured JupyterLab and Jupyter Notebooks to engage in stream ripping and facilitate sports piracy using live-streaming capture tools. The attackers gain initial access by hijacking unsecured Jupyter Notebooks and then execute a series of actions aimed at illegally streaming sports events. This hidden piracy operation was uncovered by the cloud security firm after one […]
October 22, 2024

Mexican airport operator purportedly breached by RansomHub

Mexico’s Grupo Aeroportuario del Centro Norte (OMA), which manages over a dozen airports across the country, has reportedly fallen victim to the RansomHub ransomware operation. The threat actors have claimed responsibility for the breach, alleging possession of 3 TB of sensitive data and warning of its exposure should the company fail to comply with their ransom demands, according to The […]
September 24, 2024

Global infostealer malware operation targets crypto users, gamers

A large-scale information-stealing malware operation, comprising thirty distinct campaigns and targeting a wide range of user demographics and system platforms, has been identified and attributed to a cybercriminal group known as “Marko Polo.”The threat actors employ multiple distribution methods, including malicious advertising (malvertising), spearphishing, and brand impersonation within the online gaming, cryptocurrency, and software sectors, to disseminate fifty malware variants, […]
September 20, 2024

New Linux malware Hadooken targets Oracle WebLogic servers

Aqua Security’s Nautilus research team recently reported the emergence of a new Linux malware called Hadooken. This malware specifically targets Oracle WebLogic servers to deploy additional malicious software and extract credentials for lateral movement within compromised networks.The Hadooken malware is disseminated through attacks that exploit vulnerabilities associated with weak passwords to gain initial access. Once attackers infiltrate a WebLogic server, […]