Advanced Vishing Attack Campaign “LetsCall” Targets Andriod Users

By Deeba Ahmed In a newly detected muli-stage vishing campaign attackers are using an advanced toolset dubbed LetsCall, featuring strong evasion tactics. This is a post from HackRead.com Read the original post: Advanced Vishing Attack Campaign “LetsCall” Targets Andriod Users

Senior OPERA1ER Cybercrime Gang Member Arrested in Global Operation

By Habiba Rashid The cybercrime group has targeted financial institutions, telecoms firms, and mobile banking services, exploiting vulnerabilities to steal funds. This is a post from HackRead.com Read the original post: Senior OPERA1ER Cybercrime Gang Member Arrested in Global Operation

Technician Indicted for Hacking California Water Treatment Facility

By Deeba Ahmed The jury has charged Rambler Gallo with one count of transmitting a program, information, code, and command to cause damage to a protected computer. This is a post from HackRead.com Read the original post: Technician Indicted for Hacking California Water Treatment Facility

Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China

Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile security company, has uncovered this […]

Solar monitoring systems exposed: Secure your devices

Researchers who go looking for devices exposed to the Internet report “tens of thousands” of solar photovoltaic (PV) monitoring and diagnostic systems can be found on the web. The systems are used for everything from system optimization to performance monitoring and troubleshooting. No fewer than 134,000 products from an assortment of vendors were found to be […]

How kids pay the price for ransomware attacks on education

Modern ransomware attacks are as much about stealing data and threatening to leak it as they are about encrypting data. Which means that when a school or hospital is attacked, it’s often students’ and patients’ data that’s leaked if the ransom demand isn’t met. We have to wonder how greedy any person would need to […]

Vishing Goes High-Tech: New ‘Letscall’ Malware Employs Voice Traffic Routing

Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as “Letscall.” This technique is currently targeting individuals in South Korea. The criminals behind “Letscall” employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google Play Store website. Once the malicious software is installed, […]

Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability, tagged as CVE-2023-36934, could potentially allow unauthenticated attackers to gain unauthorized

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called “instances,” and it has over 14 million users across more than 20,000 instances. The most critical vulnerability, […]