Exploits/Vulnerability

Point-of-sale malware used to steal 167,000 credit cards

Posted: October 26, 2022 by Pieter Arntz In the 19 months between February 2021 and September 2022, two point-of-sale (POS) malware operators have stolen more than 167,000 payment records, mainly from the US, according to researchers at Group-IB. The researchers were able to retrieve information about infected machines and compromised credit cards by analyzing a command and control (C2) […]

Point-of-sale malware used to steal 167,000 credit cards Read More »

CISA warns of ransomware attacks on healthcare providers

by Shaun Nichols A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. The Cybersecurity and Infrastructure Security Agency is warning administrators about a new ransomware outbreak amongst healthcare providers. A CISA advisory issued Friday outlined how a new ransomware crew known as

CISA warns of ransomware attacks on healthcare providers Read More »

Healthcare site leaks personal health information via Google and Meta tracking pixels

Posted: October 24, 2022 by Pieter Arntz Advocate Aurora Health has disclosed that by visiting its websites users may have shared personal information, and possibly protected health information (PHI), with Google and Meta (Facebook). Advocate Aurora Health is the 11th largest not-for-profit, integrated health system in the US and provides care for about 3 million patients. The company used tracking

Healthcare site leaks personal health information via Google and Meta tracking pixels Read More »

An odd kind of cybercrime: Gift vouchers, medical records, and…food

Posted: October 24, 2022 by Christopher Boyd Someone with a gift for technology but a nasty habit of using it for very bad things has been spared from going to jail with a suspended sentence. Peter Foy, 18 at the time of his antics, racked up a remarkable, and slightly peculiar, list of compromises before being brought before

An odd kind of cybercrime: Gift vouchers, medical records, and…food Read More »

Former cop abused unrevoked system access to extort women

Posted: October 21, 2022 by Jovi Umawing When Bryan Wilson, a former Louisville Metropolitan Police Department (LMPD) officer in Kentucky, pleaded guilty to cyberstalking charges in June, details of his crime weren’t revealed. Now they have. A new court document discloses facts about how he stole sexually explicit photos and videos from private Snapchat accounts, and what he did with

Former cop abused unrevoked system access to extort women Read More »

Attackers Abusing Various Remote Control Tools

Overview Ordinarily, attackers install malware through various methods such as spear phishing emails with a malicious attachment, malvertising, vulnerabilities, and disguising the malware as normal software and uploading them to websites. The malware that is installed include infostealers which steal information from the infected system, ransomware which encrypts files to demand ransom, and DDoS Bots

Attackers Abusing Various Remote Control Tools Read More »

Venus ransomware targets remote desktop services

Posted: October 20, 2022 by Christopher Boyd It’s time for another tale of remote desktop disaster, as a newish form of ransomware carves out a name for itself. Bleeping Computer reports that individuals behind Venus ransomware are breaking into “publicly exposed Remote Desktop services”, with the intention of encrypting any and all Windows devices. Since at least August 2022, Venus

Venus ransomware targets remote desktop services Read More »

Warning: “FaceStealer” iOS and Android apps steal your Facebook login

Posted: October 18, 2022 by Malwarebytes Labs Earlier this month, security researchers from Meta found 400 malicious Android and iOS apps designed to steal user Facebook login credentials. Such mobile malware, which Malwarebytes detects typically as Android/Trojan.Spy.Facestealer, usually arrives as an app disguised as a useful or entertaining tool. But before the app can be fully used, it asks users to login to

Warning: “FaceStealer” iOS and Android apps steal your Facebook login Read More »

Thermal cameras could help reveal your password

Posted: October 18, 2022 by Jovi Umawing Thermal imaging cameras detect heat energy, a helpful tool for engineers when hunting for thermal insulation gaps in buildings. But did you know that such devices can now aid in password theft? Because these devices are sold a lot cheaper than they used to, pretty much anyone can get their hands

Thermal cameras could help reveal your password Read More »

Android and iOS leak some data outside VPNs

Posted: October 16, 2022 by Christopher Boyd Virtual Private Networks (VPNs) on Android and iOS are in the news. It’s been discovered that in certain circumstances, some of your traffic is leaked so it ends up outside of the safety cordon created by the VPN. Mullvad, the discoverers of this Android “feature” say that it has the potential to cause

Android and iOS leak some data outside VPNs Read More »