Blog
Azure Domains and Google Abused to Spread Disinformation and Malware
Azure domains and Google have been exploited to spread disinformation and malware in a sophisticated campaign that involves using several Microsoft Azure and OVH cloud subdomains along with Google search notifications.
Crypto Firm Says Hacker Locked All Employees Out of Google Products for Four Days
A cryptocurrency company reported to the SEC that a hacker breached its systems on August 9, 2024, locking all employees out of Google products for four days by changing the passwords on their G-Suite accounts.
Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data Theft
A new cybercrime group named Mad Liberator has been identified by the Sophos X-Ops Incident Response team for targeting AnyDesk users. This ransomware group is using a fake Microsoft Windows update screen to hide their data exfiltration activities.
Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks
Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. "Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid...
Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group
Researchers have uncovered new infrastructure connected to the financially motivated threat actor FIN7. The analysis reveals communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd in Russia and SmartApe in Estonia.
Thousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Data
Thousands of Oracle NetSuite E-Commerce Sites are at Risk of Exposing Sensitive Customer Data due to a widespread misconfiguration in the SuiteCommerce enterprise resource planning (ERP) platform.
Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege...
Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group
Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7. The two clusters of potential FIN7 activity "indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd...
Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk
Google Pixel devices shipped globally since September 2017 were found to contain a pre-installed app called Showcase.apk, leaving them vulnerable to potential attacks and malware infections.
Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk
Google Pixel devices shipped globally since September 2017 were found to contain a pre-installed app called Showcase.apk, leaving them vulnerable to potential attacks and malware infections.
FREE GUIDE