ESET analyzed the distribution technique used by cyber criminals in new Emotet campaign that has recently affected various countries in Latin America. In November, experts from ESET uncovered a massive spam campaign that was distributing the Emotet malware. The campaign targeted several users in some Latin American countries and ESET shared details on the propagation used […]
Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 million USD (+23%) more than in 2017. Group-IB Brand Protection team discovered a total of around 4,000 websites illegally selling alcohol. Criminals create entire networks from the âmirrorâwebsitesâ of their online alcohol stores; if one […]
BevMo, the wine and liquor store, is warning customers of payment card breach and reported the incident to the authorities. The wine and liquor store BevMo suffered a payment card breach, a hacker stole credit card numbers and other information from more than 14,000 customers who purchased goods on the website. The company has notified […]
Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. The campaign targeted organizations in the US and the UK, the attackers have been abusing Google Cloud Storage to deliver payload. The spam campaign uses messages including links that point to archivefiles such as .zip or .gz. Attackers […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Twitter fixed bug could have exposed Direct Messages […]
Personal information belonging to over 500,000 students and 50 district employees were exposed in the San Diego School District (SDUSD) security breach. An attacker sent spear-phishing to SDUSD personnel with the intent of trick them into revealing credentials to access the district’s network services. The attacker accessed personal information of student and staff, including names, […]
U.S. Authorities Take Down 15 DDoS-for-Hire Websites The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services. The FBI has seized 15 domains associated with DDoS-for-hire services (aka booters or stressers) that were used by their customers to launch powerful DDoS attacks. The U.S. District Court for the Central […]
A new variant of the infamous Danabot botnet hit Italy, experts at Cybaze-Yoroi ZLab dissected one of these sample that targeted entities in Italy. In the last weeks, a new variant of the infamous Danabot botnet hit Italy. Security firms such as Proofpoint and Eset analyzed other samples of the same threat targeting the Australian landscape back in […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! STOLEN PENCIL campaign, hackers target academic institutions. WordPress […]
Security experts at Trend Micro have discovered a new exploit kit, dubbed Novidade (ânoveltyâ in Portuguese), that is targeting SOHO routers to compromise the devices connected to the network equipment. The Novidade exploit kit leverages cross-site request forgery (CSRF) to change the Domain Name System (DNS) settings of SOHO routers and redirect traffic from the connected […]