- The CISA, FBI, and NSA issued a joint cybersecurity advisory on rising Chinese state-sponsored cyber activities and offered mitigation steps to protect the federal government.
- After securing a court order, Microsoft will be taking down malicious homoglyph domains that scammers or hackers register to spoof legitimate sites of various businesses and brands.
- Kaseya received a universal decryptor for the victims of REvil ransomware to help them recover and restore their systems.
- A U.K. citizen was arrested in Estepona, Spain, for his involvement in the Twitter hack in July 2020, which resulted in the compromise of 130 high-profile accounts.
- Group-IB and the Dutch National Police tracked down alleged members of the cybercrime group named Fraud Family. The group develops, sells, and rents sophisticated phishing frameworks.
- A study by Columbia Engineering revealed the first way to encrypt personal images in cloud photo services. Dubbed Easy Secure, the system encrypts images uploaded on the cloud and deters attackers and the services from decrypting the images.
- Italy-based TicketClub fell victim to a security breach, and the data of over 300,000 users has been put up for sale on the RaidForums marketplace. The threat actor responsible goes by the online name of bl4ckt0r.
- An SQL database belonging to Humana leaked highly sensitive data—patients’ names, IDs, email addresses, password hashes, Medicare Advantage Plan listings, and medical treatment data—of over 6,000 patients on a hacker forum.
- Cloudstar was hit by ransomware that disrupted its systems. Presently, only the Office 365 mail services, the email encryption offering, and some support services are fully operational.
- Cybercriminals are taking advantage of the recent tragic condo collapse incident in South Florida to steal the identities of deceased members.
- A malspam campaign was found delivering Remcos RAT via financially-themed emails. The types of attachments used to lure users are related to transaction invoices, appraisal reports, and payment advice, among others.
- Scammers launched multiple fake American Rescue Plan Act signup sites to harvest credentials and personal information from users. The fake sites imitate government websites and ask for names, social security numbers, and photos of drivers’ licenses from targets.
- ZeroX claimed to have stolen 1TB of sensitive data from Saudi Aramco. The stolen data has been put up for sale on multiple hacking forums. Saudi Aramco denied the hack.
- Pegasus malware has been linked to worldwide espionage attacks that targeted activists, journalists, business executives, and politicians. The spyware was used to potentially steal data from more than 50,000 smartphones.
- User IDs and passwords for the Tokyo Olympic ticket gateway were posted on a leak website, following an alleged breach. The data also include names, addresses, and account numbers of people who bought Paralympic tickets.
- A new XCSSET malware variant has been found targeting macOS 11 systems in a new attack campaign. This variant can pilfer data from Telegram and other apps.
- A new malware strain dubbed MosaicLoader is targeting systems via cracked installers and propagating sets of sophisticated malware such as Glupteba. The malware includes several anti-analysis techniques to slip past antivirus software.
- The new Dmechant malware is being disseminated via phishing emails. The malware steals crypto wallet information and credentials from the victims’ infected devices.
- Bandook has been linked to a new espionage campaign that targets Spanish citizens via phishing emails. The campaign is carried out by a new group identified as TA2721.
- An Olympics-themed wiper malware was discovered targeting Japanese PCs. The malware is capable of wiping files on infected systems and specifically targets files created with the Ichitaro app.
- A new strain of the Joker malware was recently spotted being propagated via 11 apps on the Google Play Store.
- The ANSSI issued an alert bulletin warning against a new series of attacks against many French organizations. The campaign is being coordinated by the China-sponsored APT31 group.
- A new crypto scam that promises users huge returns has been spotted. It further asks the recipients to connect via WhatsApp for more details and guidelines.
Posted on: July 23, 2021