Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan. Dubbed ExileRAT, the trojan is capable of gathering system information, retrieving and pushing files, and executing and ending various processes, according to a blog post from Cisco Systems’ Talos division, whose…
Siri Shortcuts, Apple’s recently introduced native feature for iOS 12, can potentially be abused by threat actors to deliver malware to unsuspecting mobile device users, researchers are warning. The tool allows users to quickly execute and automate multiple-step tasks with just a single tap or voice command. Device owners who download the Siri Shortcuts app…
Prosecutors in California have reportedly won what they believe to be the first-ever conviction for the act of SIM hijacking. Joel Ortiz, a 20-year-old college student from Boston, pleaded guilty in a Santa Clara County courtroom last month to stealing over $5 million in cryptocurrency after taking over the phone numbers of roughly 40 individuals…
Researchers have discovered a previously unknown custom downloader family that reputed Vietnamese APT group OceanLotus has been using since at least early 2018 to infect victims with payloads such as Cobalt Strike Beacon. The ongoing campaign’s targets are either based in Vietnam or speak Vietnamese, which is in keeping with the m.o. of OceanLotus, which is known to…
Home improvement and design website Houzz has publicly disclosed a data breach after discovering late last year that an unauthorized third party had obtained a file containing user data. An FAQ page published on Houzz.com today says that the compromised information falls under three categories: Profile information such as names, addresses, countries and descriptions, but…
The dark web can be a fairly lawless place, but even the most hidden corners of the darknet are not immune to the laws of supply and demand. Malware programs, cybercriminal services and stolen data can skyrocket in popularity on the underground market just as quickly as they can fall out of favor – same…
A cyberespionage campaign targeted Iranian IP addresses late last year, with the goal of infecting victims with an updated version of Remexi backdoor malware, researchers have reported. Some of these IP addresses belong to foreign diplomatic entities located within Iran’s borders. Remexi is typically associated with a reputed Iranian APT group known as Chafer. Its…
French engineering research and consulting firm Altran Technologies disclosed this week that a Jan. 24 cyberattack impacted its operations in certain European countries. In response to the incident, the company immediately shut down its IT network and all applications,” the company said in a press release issued on Monday. Altran’s statement was short on specifics,…
Attackers have launched an ongoing credential stuffing campaign against the online video streaming service Dailymotion, compromising the data of an unspecified number of users in the process. A property of French media and entertainment company Vivendi SA, Paris-based Dailymotion said in a Jan. 25 press alert that its technical teams “successfully contained” the attack “following…
Delaware’s Department of Insurance announced yesterday that 650 residents and five companies located within the state were impacted by a 2018 data breach of BenefitMall, a third-party HR services administrator for health insurance companies. It was originally back on Jan. 4, 2019, that BenefitMall, aka Centerstone Insurance and Financial Services, publicly disclosed a “data security…
