steal
-
Blog
Nokia investigates breach after hacker claims to steal source code
Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company’s stolen source code. “Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia,” the company told BleepingComputer. “Nokia takes this allegation seriously and we are investigating. To…
Read More » -
Blog
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer. LastPass is a popular password manager that utilizes a LastPass Chrome…
Read More » -
Blog
Chinese hackers use Quad7 botnet to steal credentials
Microsoft warns that Chinese threat actors use the Quad7 botnet, compromised of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later reports by Sekoia and Team Cymru reported that the threat actors are targeting routers and networking devices from TP-Link,…
Read More » -
Blog
Amazon seizes domains used in rogue Remote Desktop campaign to steal data
Amazon has seized domains used by the Russian APT29 hacking group in targeted attacks against government and military organizations to steal Windows credentials and data using malicious Remote Desktop Protocol connection files. APT29, also known as “Cozy Bear” and “Midnight Blizzard,” is a Russian state-sponsored cyber-espionage group linked to Russia’s Foreign Intelligence Service (SVR). Amazon clarifies that although the phishing pages APT29…
Read More » -
Blog
Hackers exploit Roundcube webmail flaw to steal email, credentials
Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union. An attack was discovered by Russian cybersecurity company Positive Technologies in September, but the researchers determined that the threat actor activity had started in June. Roundcube Webmail is an…
Read More » -
Blog
Undercover North Korean IT workers now steal data, extort employers
North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization’s network and asking for a ransom to not leak it. Dispatching IT workers to seek employment at companies in wealthier nations is a tactic that North Korea has been using for years as a means to obtain privileged access for cyberattacks or to…
Read More » -
Blog
New FASTCash malware Linux variant helps steal money from ATMs
North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform unauthorized cash withdrawals. Previous variants of FASTCash targeted Windows and IBM AIX (Unix) systems, but a new report by security researcher HaxRob reveals a previously undetected Linux version that targets Ubuntu 22.04 LTS distributions. Money-stealing history…
Read More » -
Blog
YouTube Music Should Steal This Cool Spotify Feature, Like Right Now!
There’s no denying that Spotify is the go-to choice for music streaming platforms. However, YouTube Music has emerged as a great alternative to Spotify, not because it comes included with YouTube Premium but because its algorithm is genuinely good at picking music you might actually like. That said, YouTube Music still lags in raw features such as Spotify Connect, and…
Read More » -
Blog
New macOS malware poses as legitimate apps to steal passwords, crypto wallets and more — how to stay safe
While Apple’s Macs aren’t targeted by hackers as much as Windows PCs, they aren’t impenetrable. Security researchers recently uncovered malware dubbed “Cthulhu Stealer” that impersonates popular apps to harvest passwords and steal data from macOS users. As first reported by The Hacker News, Cado Security pushed out a public warning this week about Cthulhu Stealer, a malware-as-a-service targeting macOS users launched…
Read More » -
Blog
Criminals Use Malware to Steal Near Field Communication Data
Recent research by cybersecurity company ESET provides details about a new attack campaign targeting Android smartphone users. The cyberattack, based on both a complex social engineering scheme and the use of a new Android malware, is capable of stealing users’ near field communication data to withdraw cash from NFC-enabled ATMs. Constant technical improvements from the threat actor As noted by…
Read More »