Tag: daily cybersecurity news

National Student Clearinghouse data breach impacts 890 schools

890 schools around the country that use National Student Clearinghouse's services have been affected by a data breach, according to the nonprofit educational organization. Attackers got access to Clearinghouse's MOVEit managed file transfer (MFT) server on May 30 and stole files containing a variety of personal information, according to a breach notification letter submitted to the Office of the California Attorney General. The Clearinghouse was warned of a cybersecurity problem with Progress Software's MOVEit Transfer solution on May 31, 2023, according to a statement from the Clearinghouse. We immediately launched an inquiry after becoming aware of the problem, assisted by top cybersecurity authorities.
Fake celebrity photo leak videos flood TikTok with Temu referral codes

TikTok is overrun with videos advertising phony celebrity nude photo releases, which are used to promote referral bonuses for the Temu online megastore. Temu is an online retailer that offers millions of items at deeply discounted prices, the majority of which are sent from China. Since the online store opened in September 2022, there has been a lot of debate about it, with some people calling it a hoax and others praising the cheap goods they get. Customers can create referral codes and links on Temu to share with family, friends, and on social media in order to promote the website and earn store credit, freebies, or points for their rewards program.
Banking Trojan BBTok Targets Over 40 Latin American Banks

A new variant of the banking trojan known as BBTok is being distributed via an active malware operation that primarily targets victims in Brazil and Mexico. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering its 2FA code to their bank accounts or into entering their payment card number," Check Point said in research released this week. The payloads are distributed via phishing emails that make use of a range of file types, are created by a bespoke server-side PowerShell script, and are distinct for each victim depending on the operating system and country.
Deadglyph New Advanced Backdoor with Distinctive Malware Tactics

A threat actor known as Stealth Falcon used a previously unknown sophisticated backdoor called Deadglyph as part of a cyberespionage operation, according to cybersecurity researchers. The architecture of Deadglyph is peculiar since it consists of two cooperating parts, one of which is a native x64 binary and the other a .NET assembly, according to a recent report from ESET that was shared with The Hacker News. Because malware normally employs only one programming language for its components, this combination is unusual. This distinction might point to separate development of those two elements while also utilizing special capabilities of the various programming languages they each employ.
New SprySOCKS Linux malware used in cyber espionage attacks

A new Linux backdoor known as "SprySOCKS" was used by a Chinese hacker with a focus on espionage to target government entities in several different nations. Trend Micro's study of the novel backdoor revealed that it derives from the Trochilus open-source Windows malware, with many of its features adapted to work on Linux systems. The SprySOCKS command and control (C2) server communication protocol is similar to that of RedLeaves, a Windows backdoor, so the malware appears to be a mashup of several malware families. The interactive shell's implementation, however, seems to have been inspired by the Linux malware Derusbi.
APT36 state hackers infect Android devices using YouTube app clones

At least three Android apps that resemble YouTube are used by the APT36 hacking gang, also known as "Transparent Tribe," to infect devices with their infamous remote access trojan (RAT), "CapraRAT." Once the malware has been installed on a victim's device, it can essentially function as a spyware tool by collecting data, recording audio and video, or accessing sensitive communication data. APT36 is a threat actor with ties to Pakistan that is well-known for attacking Pakistani human rights advocates as well as Indian defense and government organizations, as well as organizations involved in the affairs of the Kashmir region. SentinelLabs, which cautions individuals and groups connected to the military or diplomacy in India and Pakistan to be extremely aware of YouTube Android apps...
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data

Microsoft announced on Monday that it has taken action to address a flagrant security blunder that had exposed 38 terabytes of sensitive information. The leak was found on the company's AI GitHub repository, and it's believed to have accidentally become public when a collection of open-source training data was published, according to Wiz. Additionally, it had a disk backup of the workstations of two former workers, which contained over 30,000 internal Teams communications in addition to secrets, keys, and passwords. The repository, known as "robust-models-transfer," is no longer reachable. It provided the raw code and machine learning models.
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services

In order to covertly mine cryptocurrency, a novel cloud-native cryptojacking operation has its sights set on specialized Amazon Web Services (AWS) products like AWS Amplify, AWS Fargate, and Amazon SageMaker. The cloud and container security company Sysdig has given the malicious activity the codename AMBERSQUID. "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS requirement for approval of more resources, as would be the case if they only spammed EC2 instances," Sysdig security researcher Alessandro Brucato wrote in a report shared with The Hacker News. Targeting numerous services also presents additional difficulties, such as incident response, as it necessitates locating and eliminating all miners in each service that has been ex...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams

The video-sharing app TikTok is inundated with a wave of fraudulent cryptocurrency giveaways, with almost all of the videos using themes based on Elon Musk, Tesla, or SpaceX. On social media sites like Twitter and Instagram, threat actors have been producing bogus cryptocurrency giveaways for years. These scams pose as celebrity giveaways, bitcoin trades, or, more frequently, as Elon Musk or SpaceX impersonations. The con artists create a large number of websites that look like cryptocurrency exchanges or offer free cryptocurrency in exchange for user registrations. But, as is to be expected, these frauds just steal any cryptocurrency that consumers deposit.
WhatsApp rival Telegram gets Crypto wallet integration

The popular messaging software Telegram has announced an integrated cryptocurrency wallet function that enables users to conveniently access their cryptocurrency holdings. People who have used the @wallet bot in the past will see a new option in their Telegram menu that is just for crypto wallets. The information was disclosed during the TOKEN2049 conference, where the TON Foundation and Telegram made their alliance official. Telegram and the TON Foundation made the following commitments at the conference: With the exception of the US, the @wallet integration will offer a link to almost 800 million Telegram users globally.