Ransomware Actors Target IBM’s Aspera Faspex

CVE-2022-47986 vulnerability allows circumventing the authentication and arbitrary code execution

File transfer utility Aspera Faspex, developed by IBM, became a riding mare of cybercriminals. A vulnerability discovered in the past year is exploited to deploy various ransomware samples. Key threat actors using that breach are IceFire, Shadowserver and Buhti. The issue allows arbitrary code execution, and touches all app versions before Faspex 4.4.2 PL2. What… Continue reading Ransomware Actors Target IBM’s Aspera Faspex

3CX Phone System is Struck With Chain Supply Attack

Over 12 million people around the world are targeted with 3CX attack

3CX Phone System, a desktop app for business phone communication, fell victim to a supply chain attack. Recent updates deliver a forged version of the application that makes it possible to install stealer malware. The actual payload is getting delivered in a 3-stage manner, which makes it harder to track. What is the 3CX Phone… Continue reading 3CX Phone System is Struck With Chain Supply Attack

Linus Tech Tips YouTube Channel Hacked

A 15-million YouTube channel was hijacked to spread crypto-related scam

Linus Tech Tips, a YouTube 15-million tech channel, was hacked and then used to spread a cryptocurrency scam. It happened around March 23, 2023, and could have led to massive victims among channel subscribers. YouTube has already taken care of the channel by suspending it. Who is Linus Tech Tips? Linus Tech Tips is a… Continue reading Linus Tech Tips YouTube Channel Hacked

BreachForums is down. Things got worse?

BreachForums website is not accessible after the recent detainment of its chief PomPomPurin

Recently, one of BreachForums administrators nicknamed PomPomPurin was arrested by the FBI. That event took place on March 17, 2023, and since then, another administrator of that forum assured that BreachForums activity will not be interrupted or influenced. However, since 19:00 GMT of March 19, the page is not available. What is BreachForums and who… Continue reading BreachForums is down. Things got worse?

5 Tips to Improve Your Privacy on the Web

Web browsers keep tons of our information. But how to keep it secure?

Nowadays, online privacy is a crucial concern that we should all be aware of, especially when it comes to using a web browser. It contains all the information about our daily online activities – and each of us has plenty of it. In this article, we’ll give you some practical advice on how to safeguard… Continue reading 5 Tips to Improve Your Privacy on the Web

New Microsoft SmartScreen Bypass Technique Causes Concerns

CVE-2023-24880 allows to skip the certificate check

Microsoft SmartScreen proved to be an effective way of approving the legitimacy of the application – by checking one’s certificate. With time, Microsoft did a lot of work making it more efficient and sustainable to hacking – but that never made even a single mechanism secure from zero-day breaches. A new vulnerability that allows bypassing… Continue reading New Microsoft SmartScreen Bypass Technique Causes Concerns

Mobile Malware Threat Landscape — 2022 Summary

As the use of smartphones proliferates, so does the likelihood of being exposed to a phone-based cyber attack.

Today, a smartphone is much more than just a way to reach someone on the phone. Our smartphones contain valuable information, such as private photos, logins, and passwords for online banking. No wonder scammers are trying every way to gain access to our gadgets. Unfortunately, malware developers have mastered mobile platforms and continue to annoy… Continue reading Mobile Malware Threat Landscape — 2022 Summary

ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users

Phishing sites trick users into downloading ImBetter Stealer.

Today, phishing sites are commonplace. But unfortunately, this seemingly old, deceptive tactic, which everyone seemed to have figured out long ago, still brings enormous profits to scammers today. The problem is that while Internet users are becoming more cautious, cyber scammers are developing more sophisticated ways to trick them. One such method is ImBetter malware.… Continue reading ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users

СhatGPT Became a Source of Phishing

As the digital world continues to evolve, so do the tactics of online scammers who seem to have an unending well of creativity when it comes to their fraudulent schemes. ChatGPT, one of the latest breakthroughs in the field of AI, recently became resident to numerous newspaper headletters. Being a language model, it can generate… Continue reading СhatGPT Became a Source of Phishing