APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

An advanced persistent threat APT group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has...

Crooks bank on Microsoft’s search engine to phish customers

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft's search engine. A Bing search query for 'Keybank login' currently returns malicious links on the first page, and sometimes as the top search result. We have reported the fraudulent sites to Microsof...

CVE-2024-45527

REDCap 14.7.0 is affected by an HTML injection via the project title on the New Project action. The underlying issue allows injecting HTML that can trigger a logout CSRF (via index.php?logout=1) and may be used to insert a link to an external phishing site. The Red Hat/CNNVD/CVE references confir...

DarkWatchMan RAT Targets Russians

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DarkWatchMan is a Remote Access Trojan RAT distributed via a phishing website imitating a renowned Russian website. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

A new strain of Punisher ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Punisher ransomware is spreading via phishing website that delivers ransomware disguised as a COVID tracking application. Punisher Encryptor is a .NET binary that runs on Windows...

Mageia: Security Advisory (MGASA-2022-0276)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0276 Updated osmo packages fix security vulnerability

Phishing website URL removed from package spec file and replaced with new official site link...

PT-2022-37575 · Mageia · Osmo

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A phishing website URL was removed from a package spec file and replaced with a new official site link. Recommendations: At the moment, there is no information about a newer version tha...

Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks

A top Russian-language underground forum has been running a "contest" for the past month, calling on its community to submit "unorthodox" ways to conduct cryptocurrency attacks. The forum's administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the...

Valentine’s Day Malware Attack Mimics Flower Store

With Valentine’s Day approaching this weekend, several people have received “recent order” email confirmations for flowers or lingerie. These emails are actually part of a spear-phishing attack, which ultimately leads recipients to a malicious document that executes the BazaLoader malware. The...

Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time

Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history. A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple...

CVE-2019-13387

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php parameter fmcurrentdir allows attackers to steal a cookie or session, or redirect to a phishing website...

CVE-2019-13387

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php parameter fmcurrentdir allows attackers to steal a cookie or session, or redirect to a phishing website...

OLX: Reflected XSS on www.olx.co.id via ad_type parameter

I have identified a Reflected Cross Site Scripting XSS vulnerability on the www.olx.co.id website. Vulnerable URL: https://www.olx.co.id/iklan/sony-xz-ram-3gb-32gb-finger-mulus-preisure-naik-test-air-disini-IDA2UED.html?adtype=OR"/alert"XSS" Vulnerable Parameter: skeyword XSS Payload:...

Man Who Hacked Jail Systems to Release His Friend Early Gets 7-Years in Prison

Remember a young hacker who hacked jail systems in an attempt to release his prison inmate early? Well, that hacker will now be joining his inmate behind bars. Konrads Voits of Ypsilanti, Michigan, has been sentenced to seven years and three months in prison for attempting to hack the Washtenaw...

The Slippery Slope Starts with "Get 2 Free Airline Tickets"

Written by Or Katz and Raviv Perets A widespread phishing scam that offers free airline tickets has been spotted in the wild by Akamai's Enterprise Threat Protector ETP security research team. The campaign uses a number of social engineering techniques to trick people into providing their private...

26-Year-Old Hacker Sentenced to Record 334 Years in Prison

A 26-year-old hacker has been sentenced to 334 years in prison for identity theft as well as mass bank fraud in Turkey, or in simple words, he has been sentenced to life in prison. Named Onur Kopçak, the hacker was arrested in 2013 for operating a phishing website that impersonated bank site,...

Yahoo, Bing Results Directing to Bitcoin Phishing Site

It looks like phishers have started poisoning Bing and Yahoo search results in hopes of duping users of the Bitcoin exchange site MtGox.com into giving away their log-in credentials. KrebsonSecurity.com reported that both the search engines have been redirecting unsuspecting clickers to MtPox.com...