New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that’s equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto Network Unit 42 said it detected the previously undocumented strain as part of a campaign that commenced in December 2022. NodeStealer was first exposed by Meta in May 2023, describing it […]
Iranian Hackers Posed as Israelis in Targeted LinkedIn Phishing Attack
By Waqas The Israeli security agency Shin Bet claims to have thwarted a LinkedIn phishing scam carried out by Iranian hackers. This is a post from HackRead.com Read the original post: Iranian Hackers Posed as Israelis in Targeted LinkedIn Phishing Attack
European Bank Customers Targeted in SpyNote Android Trojan Campaign
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. “The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a combination of remote access trojan (RAT) capabilities and vishing attack,” Italian […]
What is Data Security Posture Management (DSPM)?
Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture – regardless of where it’s been duplicated or moved to. So, what is DSPM? Here’s a quick example: Let’s say you’ve built an excellent security posture for your cloud data. For the sake of this […]
Top 15 Data Security Posture Management (DSPM) platforms for 2023
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Data Security Posture Management (DSPM) plays a critical role in identifying security risks, prioritizing misconfigurations, and implementing a zero-trust framework. It is an […]
Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. “The cybercriminals’ main goals are still espionage and theft of confidential information, but the group has expanded its interests and […]
China’s APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with medium to high confidence to a hacking crew called APT31, which is also tracked under […]
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). “It is a sophisticated downloader with the objective of installing a second malware payload,” Proofpoint said in a technical report. “The malware uses multiple mechanisms […]
Supply chain attacks disrupt emergency services communications
A supply chain attack rendered two ambulance trusts incapable of accessing electronic patient records in the UK. The two services, which operate in a region of 12 million people, were not targeted directly. Instead, the attack was aimed at a third-party technology provider used by both the South Central Ambulance Service (SCAS) and the South […]
Meta subsidiaries must pay $14m over misleading data collection disclosure
Meta has run into yet another bout of court related issues—two subsidiaries have been ordered to pay $14 million regarding undisclosed data collection. The Australian case, which has rumbled on for the best part of two and a half years, has focused on claims related to a now discontinued Virtual Private Network (VPN). The subsidiary […]