Victoria’s Secret US Website Restored After Security Incident
Victoria’s Secret website was down due to a ‘security incident’ impacting online and some in-store services. Get the…
cyber crime
US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major crypto losses through fraud infrastructure. The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Philippines-based company Funnull Technology Inc. and its admin Liu Lizhi for enabling romance scams, causing $200M in U.S. victim losses. A romance scam […]
Chinese Phishing Service Haozi Resurfaces, Fueling Criminal Profits
A Chinese-language PhaaS platform Haozi is making cybercrime easy with no tech skills needed. Discover how this plug-and-play service facilitated over $280,000 in illicit transactions.
Safari Flaw Exploited by BitM Attack to Steal User Login Data
A new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional phishing, which relies on fake websites and visible clues,…
ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor
ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its ScreenConnect customers. ConnectWise revealed it had detected suspicious activity linked to an advanced nation-state actor. The company confirmed that the attack impacted a small number of its ScreenConnect customers. “ConnectWise recently learned of suspicious activity within our environment that we […]
Victoria’s Secret ‘s website offline following a cyberattack
Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats against major retailers. American lingerie, clothing, and beauty retailer Victoria’s Secret took its website offline following a cyberattack. At this time, the site shows the following message: “Valued customer, we identified and are taking steps to address a security incident. […]
New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.
GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor. GreyNoise discovered the AyySSHush botnet has hacked over 9,000 ASUS routers, adding a persistent SSH backdoor. “Using an AI powered network traffic analysis tool we built called SIFT, GreyNoise has caught multiple anomalous network payloads with zero-effort that […]
Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers
Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for…
New PumaBot targets Linux IoT surveillance devices
PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. PumaBot skips broad internet scans and instead pulls a list of targets from its […]
Crooks use a fake antivirus site to spread Venom RAT and a mix of malware
Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (“bitdefender-download[.]com”) spoofing Bitdefender’s Antivirus for Windows download page to trick visitors into downloading a remote access trojan called Venom RAT. “A malicious campaign […]