Cybersecurity experts uncovered a spyware campaign leveraging fake dating apps to steal contact details, SMSes, and GPS locations of Indian soldiers. Adversaries have laid down their trap via dating and other instant messaging apps. The criminals, however, don’t appear to be running a sophisticated operation.
A report on Hades ransomware group by Accenture Security found no concrete evidence to verify the group’s attribution to known threat groups but confirmed that it has targeted victims across multiple sectors. It is possible that the group is quickly changing and adapting its TTPs to baffle security experts.
After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks.
India-based technology startup Salesken.ai has secured an exposed server that was spilling private and sensitive data on one of its customers, Byju’s, an education technology startup.
The security holes can allow an attacker to cause a denial of service (DoS) condition and in some cases even execute arbitrary code by sending specially crafted packets to the targeted device.
In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia’s major certificate authorities, to backdoor its installer software with Cobalt Strike binaries.
Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.
Didi Global’s shares fell more than 10% in New York on Friday after China’s cyberspace agency said it had launched an investigation into the Chinese ride-hailing giant to protect national security and the public interest.
The account, @NSA_CSDirector, is currently being used by Joyce, but it will likely be passed on to future NSA cybersecurity directors, similar to the @POTUS Twitter account used by the president of the United States.
The email accounts of about a dozen members of parliament were hacked recently, Polish counter-intelligence said on Friday, disclosing further details of one of the biggest cyberattacks on the country in recent years.