Archive

Group-IB has detected financially motivated attacks carried out in June by newbie threat actors from Iran. The attackers used Dharma ransomware and a mix of publicly available tools to target companies in Russia, Japan, China, and India. All the affected organizations had

IT infrastructure and security management solutions provider Kaseya today announced the acquisition of Graphus, an automated phishing defense platform. The acquisition sees Kaseya boost its security offering and expand its IT Complete platform for MSPs and SMBs. The Graphus solution

A detailed analysis of the APT group DeathStalker has been published today by Kaspersky, highlighting the scale of its operations throughout the world, from Europe to Latin America. The ‘hacker-for-hire’ organization is known to have been active since at least

The US government has been forced to issue an alert warning home workers of an aggressive new vishing campaign targeting corporate accounts. The joint advisory came from the FBI and Cybersecurity and Infrastructure Security Agency (CISA) at the end of

The company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker, according to researchers. A team at SafetyDetectives led by Anurag Sen discovered an

This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization in this write-up. After executing security assessments (e.g. Penetration Testing, Red Teaming, etc.), I make it a habit to

Freepik, one of the most popular online graphic resources sites online has disclosed a security breach that impacted 8.3 Million users. Freepik, the popular website that provides high-quality free photos and design graphics, has disclosed a major security breach that impacted

Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure

The Tennessee Bureau of Investigation said yesterday that the number of tips received regarding cybercrimes against children has increased sharply since the outbreak of COVID-19. Speaking to media, TBI Director David Rausch said investigators had received more than twice the

Cross-site scripting has topped the 2020 list of the 25 Most Dangerous Software Weaknesses compiled by the Common Weakness Enumeration (CWE). The vulnerability, described by the CWE as “improper neutralization of input during web page generation,” was given a threat

Instacart has reported a security incident in which two employees working for a third party vendor accessed its customers’ personal information. The company noted these individuals “reviewed more shopper profiles than was necessary in their roles as support agents.” Information

Credential stuffing attacks against the media industry have grown substantially from an already large base during the COVID-19 pandemic, according to experts from Akamai speaking on a recent webinar. This is borne out of a rise in people using online

The volume of stolen payment cards up for sale on the dark web has plummeted in the first half of 2020 thanks in part to changing shopping patterns driven by COVID-19, according to Sixgill. The cyber-intelligence company’s biannual Underground Financial

A new report by Ensono has found that tech conferences are geared specifically toward men and are bad at providing an inclusive experience for women of color. The “2020 Speak Up” report audited 18 major tech conferences from around the

Recently, Cisco has released several security updates to address and fix different vulnerabilities in multiple Cisco products. All these vulnerabilities allow attackers to remotely execute arbitrary code on target PC to gain admin access and steal sensitive information. Till now

A majority of global organizations have been spending more on cybersecurity and compliance during the pandemic, whilst also reporting increased pressure to reduce costs, according to new Microsoft data. The Redmond giant polled nearly 800 business leaders from organizations with