“Security researcher” offers to delete data stolen by ransomware attackers

When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. And even if an organization gets its data decrypted, they cann…

Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers

Telecommunications company Comcast has confirmed a breach that exposed personal information of more than 35.8 million Xfinity customers. Exploiting Citrix Bleed to breach Xfinity: CVE-2023-4966 (aka Citrix Bleed) – an information disclosure vul…

Mr. Cooper breach exposes sensitive info of over 14 million customers

Mortgage company Mr. Cooper has confirmed that personal information of over 14.6 million customers has been exposed in its October 2023 data breach. The breach: “On October 31, 2023, Mr. Cooper detected suspicious activity in certain network syste…

What to do if your company was mentioned on Darknet?

We created a list of companies worldwide from different industries and searched through the Darknet to find out how likely it is that these companies have suffered a breach, what kind of data leaked, and what to do about it.

Apple news: iLeakage attack, MAC address leakage bug

On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as much attention as when they deliver a zero-day fix, though it has to be mention…

StripedFly: Perennially flying under the radar

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was quite astonishing.

ToddyCat: Keep calm and check logs

In this article, we’ll describe ToddyCat’s new toolset, the malware used to steal and exfiltrate data, and the techniques used by this group to move laterally and conduct espionage operations.

Backdoored Android phones, TVs used for ad fraud – and worse!

A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. The company’s Satori Threat Intelligence and Resear…

National Student Clearinghouse MOVEit breach impacts nearly 900 schools

US educational nonprofit organization National Student Clearinghouse (NSC) has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students. T…