An Iranian hacking group has released highly sensitive personal information on hundreds of thousands of Israeli medical patients and members of an LGBTQ site, in a purported ransom attack.
A new Magecart threat actor is stealing people’s payment card info from their browsers using a digital skimmer that uses a unique form of evasion to bypass virtual machines (VM) so it targets only actual victims and not security researchers.
A new Steam phishing promoted via Discord messages promises a free Nitro subscription if a user links their Steam account, which the hackers then use to steal game items or promote other scams.
The party said the impact of the incident, affecting an external supplier, was not yet clear and it was urgently investigating whether the data had been hacked. Police, cybersecurity specialists and regulators had been notified, it added.
A U.K. man previously charged in the United States with involvement in the hacking of politicians’ and celebrities’ Twitter accounts was charged on Wednesday over a separate scheme resulting in the theft of $784,000 of cryptocurrency.
A novel class of vulnerabilities could be leveraged by threat actors to inject visually deceptive malware in a way that’s semantically permissible but alters the logic defined by the source code, effectively opening the door to more risks.
With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware website for continued extortion.
The FBI has issued a flash alert warning against the HelloKitty ransomware group who recently started threatening victims with DDoS attacks. The group’s ransom demands fluctuate for each victim and are based on their ability to pay. Organizations should apply recommended mitigations at the earliest.
Rapid7 unearthed a malicious campaign targeting Windows 10 running on Chrome browsers. The objective of the campaign is to obtain sensitive data and steal cryptocurrency from the infected systems. Experts recommend avoiding visiting unknown sites and clicking on suspicious links.
FortiGuard Labs found a Chaos ransomware variant being circulated on Japanese Minecraft forums. While this variant encrypts certain files, it completely destroys some. Gamers are recommended to stay alert while being offered such commodities on gaming forums.