Black Hat, Events Exploring Automotive Vulnerabilities, Bootloader Flaws, and Cyber Threats at Black Hat Europe 2024 Mathew J. Schwartz (euroinfosec) • December 9, 2024 Image: Shutterstock The Black Hat Europe conference is once again convening in London, promising a diverse agenda that delves into the myriad challenges facing cybersecurity today.…
Emerging Trends in Cryptocurrency Transactions Tied to Russian Cybercrime Recent investigations reveal that a financial firm registered in Canada is acting as a payment processor for multiple Russian cryptocurrency exchanges and platforms that provide cybercrime services targeting Russian-speaking customers. This has raised significant concerns among cybersecurity experts and law enforcement…
HDFC Life Insurance has officially reported a data breach, disclosing the incident in a regulatory filing after market hours. The company has acknowledged that it received unauthorized communications from an unidentified source claiming to possess certain customer data, which appears to have been shared with malicious intent. To address the…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Social Engineering Tehran Lures Aerospace Sector with Malicious Job Offers Prajeet Nair (@prajeetspeaks) • November 14, 2024 Image: Shutterstock In a disturbing development, Iranian state-sponsored hackers are reportedly adopting tactics used by their North Korean counterparts to infiltrate…
A new cyber threat has emerged, identified as “Cuttlefish,” specifically targeting small office and home office (SOHO) routers. This sophisticated malware aims to covertly monitor all traffic traversing these devices while collecting authentication data from HTTP GET and POST requests. According to a recent report from the Black Lotus Labs…
Cloudflare Disrupts Phishing Campaign Targeting Ukrainian Entities On Thursday, Cloudflare announced that it has taken measures to disrupt an extensive phishing campaign that has been ongoing for a month. This operation is attributed to a Russia-aligned threat actor known as FlyingYeti, which has specifically targeted Ukraine amidst ongoing tensions in…
Cybersecurity experts at Netcraft have identified a sophisticated phishing kit named “Xiū gǒu,” which has been active since September 2024 and is specifically targeting users in multiple countries, including the UK, US, Spain, Australia, and Japan. This malicious toolkit exploits a range of public and private sector services, such as…
Identity security has emerged as a pressing concern following a series of significant breaches, with numerous high-profile organizations such as Microsoft, Okta, Cloudflare, and Snowflake experiencing security incidents. This situation has prompted stakeholders to reassess their approaches to identity security from both strategic and technological perspectives. Traditionally, identity security has…
Identity and authentication management provider Okta has reported a security breach affecting 134 of its 18,400 customers, following a compromise of its support case management system. The breach occurred between September 28 and October 17, 2023. During this period, an unauthorized actor accessed sensitive HAR files that contained session tokens,…
