Archives

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company’s Permiso P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). “The group displays a preference for Graphical

Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade

New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has not only been linked to a fresh sophisticated campaign, but also to an activity cluster that […]

Are Your APIs Leaking Sensitive Data?

It’s no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization’s reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica scandal to the Equifax data breach, there have been some pretty high-profile […]

Sharing your business’s data with ChatGPT: How risky is it?

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  As a natural language processing model, ChatGPT – and other similar machine learning-based language models – is trained on huge amounts of textual […]

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud […]

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to […]

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. “The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability […]

Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware

The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in […]

Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks

The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor’s first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. “In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load