Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar
Similar Posts
‘People have had to move house’: Inside the British Library, two years on from devastating cyber attack
Bys sSometimes we forget about breaches when they are out of the immediate news cycle. Here is a reminder that some ransomware attacks have long-lasting impacts. Athena Stavrou reports: Home to more than 170 million items, including Magna Carta, the British Library is one of the world’s largest and most impressive book collections. However, in October……
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Bys sCybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,
Medical Associates of Brevard notifies 246,711 patients after cyberattack
Bys sOn January 23, 2025, the Bian Lian ransomware gang added the Medical Associates of Brevard (“MAB”) to its dark web leak site. At the time, they listed the types of data they claimed to have acquired, but did not provide any screenshots or proof of claims. Months later, BianLian went offline. What happened to any……
Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Bys sTaiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China. The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau (MJIB) and…
Yanluowang ransomware IAB pleads guilty
Bys sCatalin Cimpanu reports: A Russian man has pleaded guilty to hacking US companies and selling access to ransomware groups. Aleksei Olegovich Volkov went online under the hacker name of chubaka.kor, and worked as an initial access broker (IAB) for the Yanluowang ransomware. Volkov used various techniques to breach a corporate employee’s account, escalate access to the employer’s……
Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
Bys sIt’s so hard to believe that people fall for these scams, but it happens so often that we need to just be more diligent about educating the public and reaching out to family members and friends to educate them — especially those who may not spend a lot of time on the internet to read…