Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers...
OSINT
Okta’s source code stolen after GitHub repositories hacked
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were...
DraftKings warns data of 67K people was exposed in account hacks
Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in...
Malicious ‘SentinelOne’ PyPI package steals data from developers
Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client...
GodFather Android malware targets 400 banks, crypto exchanges
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over...
Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of...
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code...
Microsoft will turn off Exchange Online basic auth in January
Microsoft warned today that it will permanently turn off Exchange Online basic authentication starting early January 2023 to improve security....
Hackers bombard PyPi platform with information-stealing malware
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to...
Google Ad fraud campaign used adult content to make millions
A massive advertising fraud campaign using Google Ads and 'popunders' on adult sites is estimated to have generated millions of...
Google introduces end-to-end encryption for Gmail on the web
Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users...
Play ransomware claims attack on German hotel chain H-Hotels
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages...
Ukraine’s DELTA military system users targeted by info-stealing malware
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the...
T-Mobile hacker gets 10 years for $25 million phone unlock scheme
Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25...
Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on...
The Week in Ransomware – December 16th 2022 – Losing Trust
To evade detection by security software, malware developers and threat actors increasingly use compromised code-signing certificates to sign their malware....
A Technical Analysis of CVE-2022-22583 and CVE-2022-32800
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the...
Detecting Windows AMSI Bypass Techniques
We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface (AMSI) and how...
Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks
From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings...
US government is warning of business email compromise BEC attacks aimed at hijacking shipments of food products and ingredients
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients.The Federal...
American nbsp identity and access management nbsp giant Okta revealed that that its private GitHub nbsp repositories were hacked this month
American identity and access management giant Okta revealed that that its private GitHub repositories were hacked this month.Okta revealed that its private GitHub repositories...
CyberNews researchers reported that Ecco a global shoe manufacturer and retailer exposed millions of documents
CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ https://cybernews.com/security/ecco-leaks-sensitive-data-for-months/Ecco, a...
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild.Cisco has updated multiple...
Karakurt Ransomware Victim: Goodwill industries
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
