Largest Dark Web Webinjects Marketplace “In The Box” Discovered
A new dark web marketplace called InTheBox has surfaced online, serving smartphone malware developers and operators.
NETGEAR Router Vulnerability Allowed Access to Restricted Services
According to Tenable research, NETGEAR had to release last-minute patches for their devices that were a part of the Pwn2Own event.
CryWiper Masquerading as Ransomware to Target Russian Courts
CryWiper showcases ransomware-like features, such as file modification, adding a .CRY extension to the files, leaving a ransom note, etc.
A Syntax Error Led to Crashing of KmsdBot Cryptomining Botnet
The KmsdBot was known for targeting both Linux and Windows devices.
LastPass Breached Again – The Second Time in 2022
On Wednesday, LastPass’s CEO Karim Toubba issued a security advisory revealing that they detected unusual activity on its cloud storage shared with GoTo.
Fake COVID-19 Tracking App Spreads Punisher Ransomware
Currently, the new campaign involving Punisher ransomware is targeting users in Chile.
Acer Laptop Vulnerability Allows Malware Infection During Secure Boot
ESET assigned the vulnerability a CVSS score of 8.1 and tracked it as CVE-2022-4020.
34 Russian Hacking Groups Stole 50 Million User Passwords
Russian hacking groups primarily using Telegram are on a password stealing spree and so far have targeted users on Amazon, Steam, and Roblox.
42,000 phishing domains discovered masquerading as popular brands
According to researchers, this scam is highly sophisticated and large-scale, targeting brands like McDonald’s, Unilever, Emirates, Knorr, Coca-Cola, etc.
Research sector targeted in new spear phishing attack using Google Drive
The attackers gain access to the network through decoy documents covering controversial geo-political topics to lure the targeted organizations into downloading and executing the malware.