cyberscurity | SC Media

cyberscurity

Great White North bombarded with malicious email campaigns, report

During the first four months of 2019 threat actors conducted thousands of malicious email campaigns, hundreds of which targeted Canadian organizations. Proofpoint researchers detected nearly 100 campaigns that specifically geo-targeted Canada or were customized for Canadian audiences in the first four months of 2019 mostly using the Emotet banking trojan, according to Proofpoint’s Beyond “North…

SamsungMagician

Samsung leaked SmartThings app source code and secret keys

A security researcher at a Dubai-based cybersecurity firm SpiderSilk discovered a development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings  platform. The researcher, Mossab Hussein, found Samsung engineers had left dozens of internal coding projects on a GitLab instance hosted…

Data breaches hit several organizations across the Southern US and West Coast

Oracle, Airbus, Toshiba, and Volkswagen financial data leaked following cyberattack

Threat actors stole financial data from a company that provides internet infrastructure for dozens of the world’s largest companies including Oracle, Airbus, Toshiba, and Volkswagen. The cybercriminals stole data from Germany-based CITYCOMP, which provides servers, storage and other computer equipment to other enterprise-level organizations and subsequently blackmailed the firm and threatened to publish the stolen…

Slack logo

Slack warns investors of future cybersecurity risks

Cloud-based work collaboration tool provider Slack warned investors of the risks posed by organized cybercrime and nation-state threat actors in a filing with the SEC. The company warned that threats from these organizations including advanced persistent threat intrusions are a strong possibility considering that more than 600,000 organizations use the platform making it a prime…

GitHub hosted Magecart skimmer used against e-commerce sites

Cybercriminals are harvesting personal information including payment card details in what Malwarebytes researcher Jerome Segura described as “the online equivalent of ATM card skimming.” Threat actors are hosting Magecart skimmers on GitHug in attacks to steal data from hundreds of e-commerce sites. While skimming code is normally stored on infrastructure controlled by the attackers, researchers…

data center

Threat actors use US data center to spread malware

Bromium researchers spotted scammers used Nevada data centers to distributed Dridex, GandCrab and other malware in a campaign that lasted between May 2018 to March 2019. Typically, threat actors organize their operations outside of the reach of U.S. law enforcement but these made a bold statement using servers that could easily be seized and shut…

Zeus-in-the-mobile variant uses security firm's name to gain victims' trust

Google rolls out expanded 2FA for G-Suite users

In an effort to help organizations and end users boost their security level Google is expanding its two-step verification process for G-Suite users. The changes include new two-step verification interfaces, different screens on different browsers and expanded Bluetooth security key support. The updated user interface will be on by default and started becoming available to…

trojanhorse_1032765

Gustuff banking trojan disables Google Protect and Accessibility Service mode

An Android trojan dubbed Gustuff is capable of targeting more than 1,000 global banking apps, cryptocurrency and marketplace applications. Group-IB researchers uncovered the malware that casts a wide net and  is complete with fully automated features designed to steal both fiat and crypto currency from user accounts by leveraging a device’s Accessibility Service mode to…

Next post in Security News