- Kaspersky released a safety guide for Android users detailing how downloading or installing apps from stores other than Google Play jeopardizes their data and money.
- A paper published by security researchers from the University of Plymouth and the University of Portsmouth found a way to speed up the detection of phishing websites. According to the paper, ML models trained on the visual representation of website code can enhance the accuracy and speed of the process.
- The Biden Administration released multiple documents that serve as guidelines for agencies to implement cybersecurity architectures by the end of fiscal 2024. The documents will be out for public comment from October 01.
- The Irish Gardai confiscated the cyberinfrastructure of the group involved in the HSE cyberattack earlier this year. Officials seized domains through which hackers made 753 attempts via ICT systems worldwide.
- A Ukrainian individual has been indicted by the U.S. Department of Justice for brute-forcing computer login credentials and then selling them in underground marketplaces.
- The CISA published new guidelines for both private and government organizations to follow while outsourcing to managed service providers. This guidance is aimed at boards of directors and senior executives, network and system administrators, and procurement professionals.
- A cybercriminal, allegedly from the Groove ransomware gang, dumped approximately 500,000 Fortinet VPN login credentials on a hacker forum and a Telegram channel for free.
- Personal and medical records of over 40,000 patients at Bhumirajanagarindra Kidney Institute Hospital, Bangkok, were stolen by a cybercriminal. A similar incident impacted Phetchabun Hospital last Sunday.
- An unidentified hacker group hijacked a Russian government website and launched Bitcoin giveaway scams, wherein they asked users to install an application to qualify for schemes.
- A massive DDoS attack hobbled Australia and New Zealand Banking Group’s New Zealand site and NZ Post due to an issue at one of its third-party providers.
- Researchers noted that the leak site and other sites connected to the REvil ransomware group are back online, suggesting the group’s resurgence after it disappeared following the Kaseya attack.
- Days after eHAC’s leak in Indonesia, another COVID-19 tracking app in the country named PeduliLindungi exposed personal data and vaccination information of residents, including that of the President.
- A security misconfiguration in the storage servers of Texas Right to Life laid bare the personal data of at least 300 job applicants, via their resumes.
- The visa website of the French government experienced a foreign intrusion that led to the exposure of personal data of about 8,700 users. Authorities denied the leak of any sensitive details.
- The United Nations admitted to having suffered a data breach in April. Intruders accessed its networks, leading to further intrusions.
- CoomingProject, a new hacker group, claimed responsibility for breaching the networks of the South African National Space Agency (SANSA) and stealing mostly space science research-related work.
- Internet service provider Yandex is experiencing one of the biggest DDoS attacks in the history of RuNet, which began last week. The attack was launched by a new DDoS botnet named Mēris that gains its power from more than 250,000 compromised devices.
- AT&T Alien Labs uncovered a new Chimaera campaign by the TeamTNT hacker group that targets multiple operating systems. The infection impacted thousands of devices globally.
- A team of academics discovered a new side-channel technique in CPUs named Spook.js that can exploit the site isolation feature in Google Chrome and Chromium-based browsers to steal data.
- The recently disclosed flaw in the Atlassian Confluence service was exploited in an attack to install a cryptocurrency miner. The flaw is tracked as CVE-2021-26084 and is related to an OGNL injection issue.
- Microsoft warned of a new zero-day flaw affecting Internet Explorer. The flaw can be abused by leveraging a specially crafted Microsoft Office document.
- ESET researchers stumbled across a mobile espionage campaign—active since March 2020—aimed at the Kurdish ethnic group. The campaign is conducted by the BlackHawk attackers who use Facebook and fake Android apps to trick users.
- Ragnar Locker operators have adopted a new tactic to extort their victims. They have announced that they will leak the stolen data if the victims contact law enforcement agencies, negotiators, and data recovery experts.
- Research reveals that ransomware operators are heavily relying on dark web marketplaces to purchase the network access of large companies. One of the posts was linked to BlackMatter ransomware operators who were willing to spend between $3,000 and $100,000 to buy network access.
Posted on: September 10, 2021