Civil society organizations in South Korea bore the brunt of a phishing attack that used a new RAT called SuperBear. The intrusion targeted an undisclosed activist, who in late August received a malicious LNK file from a sender posing as a member of their organization. The researchers have provided the IOCs to defend against this threat.
CareSource, the entity that manages software for the Indiana Family and Social Services Administration (FSSA), suffered a data breach in May that may have exposed the personal information of 212,193 Indiana Medicaid members.
A campaign named DB#JAMMER is utilizing poorly secured MS SQL servers to distribute Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix revealed that the attackers gain initial access by brute-forcing the MS SQL server, followed by reconnaissance, system firewall impairment, and establishing persistence.
A company that makes a chastity device that can be controlled over the internet exposed users’ email addresses, plaintext passwords, home addresses and IP addresses, and, in some cases, GPS coordinates, due to several flaws in its servers.
Given the lack of any security boundary between the extension and a site’s elements, the former has unrestricted access to data visible in the source code and may extract any of its contents.
In the data breach announcement, the university says that the incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or alumni have been impacted.
Victims are approached through various platforms ranging from Facebook and LinkedIn to WhatsApp and freelance job portals like Upwork. Another known distribution mechanism is the use of search engine poisoning to boost bogus software.
Freecycle, an online community that encourages sharing unwanted items with each other rather than chucking them in the bin or taking them to landfill, has told users to change their passwords after it suffered a data breach.
Threat actors are manipulating the technology behind large language model chatbots to access confidential information, generate offensive content, and “trigger unintended consequences,” warned the U.K. cybersecurity agency.
ReversingLabs identified three new malicious Python packages on PyPI, which are linked to a previously discovered VMConnect campaign. Analysis of the packages reveals similarities to previous supply chain attacks attributed to the Lazarus Group. To protect against such threats, organizations must invest in training and awareness against typosquatting and other impersonation attacks and bolster their […]