Security researchers have uncovered more evidence that the North Korean Lazarus group is responsible for the software supply chain attack on 3CX, a voice and video calling desktop client used by major multinational companies. Tools and code samples match previous Lazarus hacks.
The Ukrainian law enforcement busted a transnational group of scammers that used more than a hundred phishing websites to defraud Europeans. Scammers embezzled nearly $4.4 million by fooling more than a thousand victims to hand over payment card details, say police.
Hackers have used a modular toolkit called "AlienFox'" to compromise email and web hosting services at 18 companies. Distributed mainly by Telegram, the toolkit scripts are readily available in open sources such as GitHub, leading to constant adaptation and variation in the wild.
The parent company of subprime lender TitleMax says hackers made off the Social Security numbers and financial account information of up to nearly 5 million individuals. The company notified the FBI and "believes the incident has been contained." Hackers stole information over an 11 day period.
Every week, Information Security Media Group rounds up cybersecurity incidents in the world of digital assets. In focus between March 24 and 30: SafeMoon, an update on Euler Finance, crypto-stealing Clipper malware, BitKeep, theft fail at Swerve Finance, THORChain, APT43 and an update on ParaSpace.
Suspected North Korean hackers trojanized installers of a voice and video calling desktop client made by 3CX and used by major multinational companies. The vulnerability traces to a poisoned Electron software library file, an open-source framework for user interfaces.
Leaked documents from a Moscow IT consultancy reveal how the Russian government has commissioned tools for its military and intelligence agencies for conducting cyber operations, information warfare, and controlling the internet, as well as training critical infrastructure hackers.
In this week's data breach spotlight: Telecom giant Lumen reports incidents, Taiwanese hardware vendor QNAP discloses vulnerabilities, debt collector NCB suffers a data breach and more data breaches occur in Australia. Also, there's a new Mac info stealer, and Toyota Italy exposed customer data.
Security experts are urging users of IBM's Aspera Faspex file-exchange application to take it offline immediately unless they've patched a flaw being actively exploited by ransomware groups, including Buhti and IceFire. Separately, QNAP is warning customers to prepare for emergency security fixes.
The U.S. Consumer Financial Protection Bureau is mulling over whether to reimburse consumers for online scams and fraud, but this regulatory change could lead to an increase in first-party fraud, cautioned Karen Boyer, senior vice president of financial crimes at M&T Bank.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
There's much national security ado about how much user data gets collected by the Chinese-owned, wildly popular video-sharing app TikTok. But as France's ban of "recreational apps" from government-issued devices highlights, a bigger-picture approach for combating surveillance is required.
Credential harvesting attackers are taking advantage of a distributed file protocol to distribute customized phishing links. Because the system, the InterPlanetary File System, is designed to be resilient against content takedowns, scammers are using it to deliver phishing emails at scale.
A U.S. federal judge sentenced a Nigerian national to four years in prison for running several cyber-enabled schemes aimed at defrauding U.S. citizens out of more than $1 million. The men were arrested four years ago and extradited to Arizona in 2022 from Malaysia and the United Kingdom.
Blue Shield of California is notifying more than 63,000 customers that their data was potentially exfiltrated in a compromise involving Fortra's GoAnywhere secure file transfer software and one of the health plan's covered mental health providers for minors.