Cyber Crime

Pierluigi Paganini May 30, 2024
Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature

Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Customer Identity Cloud (CIC) feature since April. A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous […]

Pierluigi Paganini May 29, 2024
BreachForums resurrected after FBI seizure

The cybercrime forum BreachForums has been resurrected two weeks after a law enforcement operation that seized its infrastructure. The cybercrime forum BreachForums is online again, recently a US law enforcement operation seized its infrastructure and took down the platform. The platform is now reachable at breachforums[.]st, which was one of the domains used in the past […]

Pierluigi Paganini May 29, 2024
ABN Amro discloses data breach following an attack on a third-party provider

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. AddComm distributes documents and tokens physically and digitally to clients and employees. The ransomware attack occurred last week and unauthorized parties […]

Pierluigi Paganini May 28, 2024
Christie disclosed a data breach after a RansomHub attack

Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data. The security breach occurred earlier this month. The website of the auction house was unreachable after the attack. According to BBC, Christie had problems […]

Pierluigi Paganini May 28, 2024
WordPress Plugin abused to install e-skimmers in e-commerce sites

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress plugin to install malicious code in WooCommerce e-stores and harvest credit card details. In the campaign spotted by the experts, attackers use a very obscure […]

Pierluigi Paganini May 27, 2024
Sav-Rx data breach impacted over 2.8 million individuals

Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2023 cyberattack. The company is notifying 2,812,336 individuals impacted by the security breach in the United States. A&A Services, which operates as Sav-RX, shared with the Maine […]

Pierluigi Paganini May 27, 2024
New ATM Malware family emerged in the threat landscape

Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to be able of compromised 99% of devices in Europe. The threat actor is offering the malware for $30,000, he claims that […]

Pierluigi Paganini May 25, 2024
Fake AV websites used to distribute info-stealer malware

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE and Inno setup installer, including Spy […]

Pierluigi Paganini May 22, 2024
Cybercriminals are targeting elections in India with influence campaigns

Resecurity warns of a surge in malicious cyber activity targeting the election in India, orchestrated by several independent hacktivist groups Resecurity has identified a spike of malicious cyber activity targeting the election in India, which is supported by multiple independent hacktivist groups who arrange cyber-attacks and publication of stolen personal identifiable information (PII) belonging to […]

Pierluigi Paganini May 22, 2024
OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital imaging solutions. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 billion. OmniVision Technologies Inc. is an American subsidiary of Chinese semiconductor device and mixed-signal integrated […]