New Cyber Threat Targets Palestinian Authority With Advanced Malware Attack In a recent development in the realm of cybersecurity, Check Point Threat Intelligence Team has identified a resurgence of an advanced persistent threat (APT) group launching targeted attacks against institutions in the Middle East, particularly the Palestinian Authority. This latest…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently revealed critical details regarding a sophisticated backdoor malicious software identified as SUBMARINE. This malware has reportedly been employed by threat actors in connection with an exploit targeting Barracuda Email Security Gateway (ESG) appliances, which has raised alarms within the cybersecurity landscape.…
A sophisticated phishing campaign targeting Facebook users has been detected, exploiting a critical zero-day vulnerability within Salesforce’s email services. This exploit enables malicious actors to craft highly tailored phishing messages utilizing Salesforce’s domain and infrastructure, significantly increasing the chances of success. Researchers at Guardio Labs, Oleg Zaytsev and Nati Tal,…
Brightspeed Investigates Data Breach Claims Affecting Over One Million Customers Brightspeed, one of the leading fiber broadband providers in the United States, is currently looking into allegations that hackers have compromised sensitive information related to more than one million of its customers. The claims emerged from a group known as…
George Garofano Sentenced for High-Profile Celebrity Hack In a significant development within the cybersecurity landscape, George Garofano has been sentenced to eight months in prison for hacking into over 250 Apple iCloud accounts belonging to notable celebrities, including Jennifer Lawrence and Kim Kardashian. This sentencing follows his guilty plea to…
Recent incidents in the Asia-Pacific region highlight significant vulnerabilities in identity controls and privileged access governance in both consumer and enterprise sectors. Keeper Security linked these events to a cyberattack on Kyowon Group in South Korea and a bug on Instagram that permitted the generation of large volumes of password…
Betterment’s employee credentials compromised, facilitating phishing attacks through an external platform Sensitive personal information accessed: names, email addresses, physical addresses, phone numbers, and birth dates No customer accounts were compromised; however, the stolen data poses a risk for future phishing schemes Investment platform Betterment has reported a recent security breach…
The Evolving Threat Landscape: AI in Cybercrime The rapid advancements in artificial intelligence (AI) are reshaping the landscape of social engineering attacks, creating unprecedented vulnerabilities for organizations worldwide. Cybercriminals are now leveraging AI to produce increasingly sophisticated phishing emails and deepfake videos that convincingly mimic trusted colleagues and executives. By…
Security researchers have identified two distinct malware campaigns targeting systems through phishing strategies, one distributing both the Ursnif data-stealing trojan and GandCrab ransomware, while the other focuses solely on Ursnif. These threats originate from two separate cybercriminal groups but exhibit several operational similarities. Both campaigns initiate through phishing emails containing…
