Collaborate Disseminate
A researcher discovered a data cache from the FBI’s Terrorist Screening Center left online without a password or authentication requirement. Continue reading Terrorist Watchlist Exposed Online with Nearly 1.9M Records
The Pakistan-linked threat group’s campaign uses compromised WordPress sites to deliver the Warzone RAT to manufacturing companies in Taiwan and South Korea. Continue reading WordPress Sites Abused in Aggah Spear-Phishing Campaign
Threat actors are targeting everyone from job hunters to Bitcoin traders to college students wanting a break on their student loans, by exploiting the popular technology’s trust relationship with users. Continue reading QR Code Scammers Get Creative with Bitcoin ATMs
The decryptor is of little use to other companies hit in the spate of attacks unleashed before the notorious ransomware group went dark, researchers said.
Continue reading Kaseya’s ‘Master Key’ to REvil Attack Leaked Online
A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. Continue reading 1M Stolen Credit Cards Hit Dark Web for Free
The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks. Continue reading Angry Affiliate Leaks Conti Ransomware Gang Playbook
Telegram declined to fix a scenario in which the flaw can be exploited, spurring a Trustwave researcher to decline a bug bounty and to disclose his findings instead. Continue reading MacOS Flaw in Telegram Retrieves Deleted Messages
Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered. Continue reading Phishing Campaign Dangles SharePoint File-Shares
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017. Continue reading ‘DeadRinger’ Targeted Exchange Servers Long Before Discovery
A July 9th attack disrupted service and taunted Iran’s leadership with hacked screens directing customers to call the phone of Iranian Supreme Leader Khamenei with complaints. Continue reading Novel Meteor Wiper Used in Attack that Crippled Iranian Train System