Security Newsletter
FBI: Business Email Compromise – a $43B Scam
A new FBI report warns of a staggering spike in hacking activities using the Business Email Compromise technique (BEC), resulting in losses worth billions of dollars. Business Email Compromise - a Billion-Dollar Problem In a new report, the FBI sheds some light on the...
NVIDIA Confirms Employee Credentials And Proprietary Data Stolen During Cyberattack
NVIDIA confirmed the Lapsus$ cyberattack and the data leak that followed, saying it first became aware of the security incident on February 23. The tech giant also confirmed it had suffered damages related to its IT resources. Photo by Markus Spiske on Unsplash NVIDIA...
FoxBlade Trojan Hit Ukraine Right Before The 24 Feb Devastating Russian Invasion
Microsoft discovered an attack using the FoxBlade malware that had compromised Ukrainian systems just hours before Russia's massive and ruthless rain of missiles and tank swarms. The company did not disclose the exact way and time of infiltration yet. Photo by Artem...
Anonymous Group Sides With Ukraine And Declares Cyberwar On Russia
The hacker collective known as the Anonymous group announced its support to Ukraine. It defied Vladimir Putin by taking down the Government's official website, playing Ukraine's national anthem on Russian media channels, and hacking critical Kremlin databases. The...
Phishing Attacks Against Those Who Help Ukrainian Refugees
Cybercriminals used a compromised military email address to launch phishing attacks targeting EU personnel aiding Ukrainian citizens who had fled the crushing Russian invasion. The perpetrators are believed to be located in Belarus, but how exactly they gained access...
Lapus$ Extortionists Leak 190GB of Samsung Data After Massive Cyberattack
The Lapus$ cybercriminal group recently leaked a massive confidential data trove that they claim to have exfiltrated from tech giant Samsung Electronics. The data leak comes on the heels of another hit that resulted in a 1TB data collection stolen from Nvidia, out of...
Credential-Stuffing Attacks Compromised 1.1 Million Accounts At 17 Large Companies
A staggering 1.1 million accounts were hacked in credential-stuffing attacks, according to the New York State AG. Credential-Stuffing Attacks Aiming High A New York State investigation revealed that cybercriminals hit 17 major companies with credential-stuffing...
The FlexBooker Data Breach: 3.7 Million Records Leaked
The bad guys are starting off the new year with ambitious schemes - they're trading millions of records stolen in three attacks, one of which is the FlexBooker data breach. Uawrongteam Behind The FlexBooker Data Breach A cybercriminal group called Uawrongteam is...
Massive McMenamins Data Breach Left 12 Years Of Employee Records Exposed
The Pacific Northwest chain still hasn't fully recovered from a crippling December 12 attack. The company confirmed that a significant amount of employee data was exposed in the data breach. Ransomware Attack Ended With A Jaw-Dropping Data Breach A devastating...
Purple Fox Rootkit Delivered By Poisoned Telegram Installers
Several malicious Telegram installers were observed dropping the same Purple Fox rootkit version using the same attack methods, including email distribution and phishing websites. Antivirus Engines Fooled By The Purple Fox Rootkit Most antivirus solutions can't detect...