A new advanced threat actor, Dark Pink APT by Group-IB and Saaiwc Group by Anheng Hunting Labs, has been identified as the source of attacks on government agencies and military bodies across multiple countries in the APAC region. This group…
Online markets selling drugs and other illegal substances on the darknet have begun to use custom Android apps. It increases privacy and evades law enforcement. Analysts at Resecurity first observed this trend around the beginning of the third quarter of…
The Kinsing malware is currently actively attacking Kubernetes. By exploiting known vulnerabilities in container images and misconfigured, Kinsing malware clusters exposed PostgreSQL containers. These tactics may not be new. But Microsoft’s Defender for Cloud team has recently noticed an increase…
It sounds like a potential security vulnerability in the Visual Studio Code extensions marketplace. It could allow attackers to upload rogue extensions that masquerade as legitimate ones. These can be instrumental to launch supply chain attacks against organizations that use…
Slack is a messaging platform businesses and organizations worldwide use to collaborate. It allows teams to communicate, collaborate, and share files and information in real time. Salesforce owns it and it has an estimated 18 million users. Recently, Slack suffered…
Threat actors are distributing the NetSupport remote access tool and taking control of victims’ devices via a well-crafted Pokemon NFT card gaming site. The website “pokemon-go[.]io,” which is still up and running as of this writing, claims to be the…
This week, the United Nations will begin hearings for its first-ever global cybercrime treaty, concentrating on state replies to cyberattacks and coordinated intelligence sharing. The proposed treaty aims to classify various cybercrimes and create a unified global reaction legally. The…
Rackspace revealed on Thursday that the attackers responsible for last month’s incident gained access to some of its clients’ Personal Storage Table (PST) files. PST can contain a variety of information such as emails, calendar information, contact information, and activities.…
The NYC Department of Education has prohibited students and teachers from using ChatGPT in New York City schools. Due to serious concerns that its use will impede learning and lead to misinformation. And NYC Schools banned ChatGPT The ban was initially…
Vidar stealer is malicious software that steals information from computers under infection. It leverages popular social media platforms. These platforms include TikTok, Telegram, Steam, and Mastodon as intermediate command-and-control (C2) servers. This means that the malware uses these platforms to…
