Tag: Cybersecurity

SugarGh0st RAT Targets Uzbekistan and South Korea

Asian government-sponsored hackers are making a fuss again.

A new malicious campaign employs SugarGh0st RAT to target government agencies. Artifacts in the decoy documents hint at a potential Chinese-speaking actor. SugarGh0st Uses Spear Phishing to Attack Governments Researchers have uncovered a new wave of cyber threats targeting government entities in Uzbekistan and South Korea in recent cybersecurity developments. Utilizing a customized variant of… Continue reading SugarGh0st RAT Targets Uzbekistan and South Korea

Dollar Tree Data Breach Impacting 2 Million People

Even not a direct incident can cause harm.

Discount retailer Dollar Tree was hit by a data breach when third-party service provider Zeroed-In Technologies fell victim, affecting almost 2 million customers. It may probably be the biggest indirect damage of the hack throughout the last years. Data Breach in Zeroed-In Affects Dollar Tree Popular discount retailer Dollar Tree has revealed that they were… Continue reading Dollar Tree Data Breach Impacting 2 Million People

BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Bluetooth Forward and Future Secrecy (BLUFFS) vulnerabilities can leave devices vulnerable to man-in-the-middle attacks

Eurecom has uncovered a series of exploits named “BLUFFS”, posing a significant threat to the security of Bluetooth sessions. These attacks exploit two previously unknown flaws in the Bluetooth standard, impacting versions 4.2 through 5.4 and potentially putting billions of devices, including smartphones and laptops, at risk. BLUFFS Exploits – How Do They Work? BLUFFS… Continue reading BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Okta Hack Exposes Data of All Support Customers

Data breach from mid-October touches all the Help Center clients, not just 134 of them

Back in mid-October 2023 Okta, one of the world’s largest identity providers, suffered a data breach. Security vulnerabilities in its support system allowed hackers to access one of the support accounts. Formerly, it was said about a miserable amount of customers suffering from the breach. But over a month later, the company discloses that hackers… Continue reading Okta Hack Exposes Data of All Support Customers

Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts

A rare occasion of ransomware attack on a game developer led to the wipe of player accounts

“Ethyrial: Echoes of Yore” fell victim to a ransomware attack last Friday. The attack hit 17,000 player accounts, wiping them – a yet unseen outcome of a ransomware attack. Ransomware encrypted main server “Ethyrial: Echoes of Yore” On October 19, 2023, ransomware actors successfully attacked the main server of the Ethyrial: Echoes of Yore game.… Continue reading Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts

Rude Stealer Targets Data from Gamer Platforms

Java-based stealer target gaming platforms

A newly discovered Java-based stealer named Rude has emerged, encapsulated within a Java Archive (JAR) file. It employs a range of sophisticated functionalities and focuses on stealing sensitive data from gaming platforms such as Steam, Discord, and other browsers. Rude Stealer Overview In early November 2023, researchers identified a malicious JAR file labeled “Stealer.jar” on… Continue reading Rude Stealer Targets Data from Gamer Platforms

Phobos Ransomware Mimics VX-Underground Researchers

Ransomware criminals from Phobos group released ransomware that masquerades as the development of VX-Underground community

A new version of Phobos ransomware claims to be developed by VX-Underground, a malware info sharing community. Hackers again disguise themselves as information security specialists, ruining their image. How funny or serious is this all? What is Phobos ransomware? Phobos ransomware emerged in 2018 as a ransomware-as-a-service (RaaS), an offshoot of the Crysis ransomware family.… Continue reading Phobos Ransomware Mimics VX-Underground Researchers

Welltok Data Breach Exposes More Than 8 million Patients

Welltok's breach, affecting 8.5M patients, emphasizes the imperative for rigorous cybersecurity in safeguarding sensitive healthcare data.

Welltok, a healthcare Software as a Service (SaaS) provider, has reported unauthorized access to its MOVEit Transfer server, impacting the personal information of nearly 8.5 million patients in the United States. The breach, detected on July 26, 2023, has raised concerns about the security of patient data and has significant implications for healthcare providers across… Continue reading Welltok Data Breach Exposes More Than 8 million Patients

LitterDrifter – Russia’s USB Worm Targeting Ukrainian Entities

LitterDrifter USB worm is a cyber threat targeting Ukrainian entities, emphasizing the need for robust cybersecurity defenses worldwide.

LitterDrifter USB worm, intricately linked to the notorious Gamaredon group and originating from Russia. It has set its sights on Ukrainian entities, adding a concerning layer to the already complex world of state-sponsored cyber espionage. This USB worm, believed to be orchestrated by Russian actors, not only showcases the adaptability and innovation of Gamaredon but… Continue reading LitterDrifter – Russia’s USB Worm Targeting Ukrainian Entities

Apache ActiveMQ Vulnerability Exploited In The Wild

Hackers actively exploit the vulnerability in Apache ActiveMQ, detected back in October 2023

Recent Apache ActiveMQ vulnerability, that allows for remote code execution, is reportedly exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems with Kinsing malware. That is a rare sight of a high-profile vulnerability being exploited to infect exclusively Linux machines. Apache ActiveMQ Vulnerability Allows for RCE Analysts… Continue reading Apache ActiveMQ Vulnerability Exploited In The Wild