Musk's aerospace manufacturing and space transport services firm, SpaceX, is believed to have experienced a cybersecurity incident involving a data breach by Hunters International, an infamous hacker group that allegedly released samples of the data from the SpaceX breach.
SpaceX Data Breach: Hunters International Publishes Alleged Stolen Data
https://www.cysecurity.news/2024/04/spacex-data-breach-hunters.html
Japanese police create fake support scam payment cards to warn victims
By placing the dummy cards in the electronic money sections of 34 local convenience stores, the Echizen Police have been testing a new method to fight tech support scams.
Their purpose is to warn elderly victims seeking payment cards on the instructions of fraudsters.
The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card."
"Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years,"
"When Microsoft patched the vulnerability in October 2022 — at least two years after it came under attack by the Russian hackers — the company made no mention that it was under active exploitation."
A novel attack on Android TVs, where people might sign into their Google account in an Airbnb or an office. Usually they're locked down, but by downloading other software an attacker can access the entire contents of the Google account: email, Drive, and more.
https://www.404media.co/android-tvs-can-expose-user-email-inboxes/
Gee, you mean a £300- TV from China shouldn’t be trusted with your Google account?
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device.
The malware is delivered through a fake Google Chrome update that is shown while using the web browser.
Researchers at fraud risk company ThreatFabric found Brokewell after investigating a fake Chrome update page that dropped a payload, a common method for tricking unsuspecting users into installing malware.
https://www.threatfabric.com/blogs/brokewell-do-not-go-broke-by-new-banking-malware
Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations
Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.
A new Citizen Lab report finds vulnerabilities in the security of cloud-based pinyin keyboard apps from vendors Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi that could be exploited to reveal what a user types (keystrokes).
Having your keystrokes intercepted is a huge privacy and security risk.
A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.
The malicious Redline payloads impersonate demos of cheating tools called "Cheat Lab" and "Cheater Pro" through URLs linked to Microsoft's 'vcpkg' GitHub repository.
McAfee threat researchers report
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/redline-stealer-a-novel-approach/
Dozens arrested and thousands of victims contacted after scam site taken offline
As many as 70,000 UK victims were tricked by LabHost's scams, which obtained 480,000 card numbers and 64,000 PINs globally.
Set up in 2021 by a criminal network, LabHost enabled users to set up phishing websites designed to trick victims into revealing personal information such as email addresses, passwords, and bank details.
A spy site is scraping Discord, archiving users’ messages and activity across servers, including what voice channels they join, and then selling access to that data for as little as $5.
The site is called Spy Pet. "Have you ever wondered where your friend hangs out on Discord? [...] Look no further!" its site reads. It says it's scraping more than 14,000 Discord servers, more than 4 billion messages.
https://www.404media.co/a-spy-site-is-scraping-discord-and-selling-users-messages/
Muted the audio? That's an advert. Paused a video? That's an advert
Roku TVs of the future may throw up targeted ads on the screen whenever you pause a video.
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
Cybersecurity firm Forescout is tracking the campaign under the codename Connect:fun owing to the use of ScreenConnect and Powerfun for post-exploitation.
https://www.forescout.com/blog/connectfun-new-exploit-campaign-in-the-wild-targets-media-company/
with the emergence of an audacious group of young criminal hackers from the U.S., U.K. and Canada the FBI calls Scattered Spider. More troubling, they have teamed up with Russia's most notorious ransomware gang.
Scattered Spider
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
According to a recent discovery by Varonis Threat Labs, two new techniques have emerged that pose a significant threat to data security within SharePoint, a widely used platform for file management. These techniques enable users to evade detection and retrieve files without triggering alarm bells in audit logs.
report:
https://www.varonis.com/blog/sidestepping-detection-while-exfiltrating-sharepoint-data
Sysdig Threat Research Team has uncovered a Romanian cybercriminal group it believes has been operational for at least ten years. The researchers have named the group RubyCarp.
This raises two immediate questions: why do they believe the group is Romanian, and how can a criminal group be undiscovered for ten years?
House Votes to Extend—and Expand—a Major US Spy Program
The US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans’ information. Section 702 permits the US government to wiretap communications between Americans and foreigners overseas.
Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection.
Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the "Miscellaneous Scripts" section of the Magento admin panel.
Credit card skimmer hidden in fake Facebook pixel tracker report:
https://blog.sucuri.net/2024/04/credit-card-skimmer-hidden-in-fake-facebook-pixel-tracker.html
The right pentesting approach can provide valuable insights and direction to help organizations strengthen their security posture and navigate the complex threat landscape with increased confidence and peace of mind.
Exploring How Penetration Tests Are Classified – Pentesting Aspirant Guide 2024