Cyber Attack

ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …

Apple warned users in 91 other countries about a possible “mercenary spyware attack”. Apple notified Reuters that the company found evidence of attackers attempting to remotely compromise iPhones. Mercenary spyware attacks are rare but much more sophisticated than regular cybercriminal activity or malware, as stated in the email. Apple also …

Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …

Vietnamese hackers are targeting businesses in Asia to get corporate credentials and financial data to sell online. Researchers at Cisco Talos found a group of hackers, known as CoralRaider, targeting India, China, South Korea, Bangladesh, Pakistan, Indonesia, and local entities with a specific type of malware. Talos believes that the …

They were supposed to be under lock and key, in a secure storage room deep inside Europol’s headquarters in The Hague. But a clutch of highly sensitive files containing the personal information of top law enforcement executives went missing last summer. Europe’s law enforcement agency has been mired in a …

A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board. The group called INC Ransom claims to have three terabytes of data. NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients …

A new spying campaign has been discovered that targets Indian government agencies and the energy sector, using a modified open-source tool called HackBrowserData to steal browser credentials, cookies, and history. Researchers from EclecticIQ, a Dutch cybersecurity firm, found a hacking campaign in early March. They didn’t identify the hackers but …

StrelaStealer malware steals email login data from popular email clients and sends it to the attacker’s server. The attacker can then use this information to launch more attacks. Since its first appearance in 2022, the threat actor has carried out many email campaigns and shows no sign of stopping. Unit42 …

Hacker allegedly exploiting two popular vulnerabilities to attack U.S. defense contractors, U.K. government entities and institutions in Asia, according to new report by Google owned security firm Mandiant. The report focused on UNC5174, a threat actor. According to Mandiant, UNC5174 used to be a member of Chinese hacktivist groups. However, …

The APT group ‘Earth Krahang’ has hacked 70 organizations and attacked at least 116 in 45 countries. Trend Micro researchers have been monitoring a campaign targeting government organizations since early 2022. The group targeted 116 organizations in 35 countries and confirmed at least 70 compromises, including organizations linked to world …