The Shadowserver Foundation reports that a brute force attack has been active since last month, using nearly 2.8 million IP addresses each day attempting to guess the credentials for a wide range of networking devices. A brute force attack occurs when attackers repeatedly try different usernames and passwords to access …
Read More »
WhatsApp revealed that seven Italians, along with victims from over a dozen other European countries, were targeted by spyware in a widespread hacking campaign, according to the Italian government. Italy’s cybersecurity agency, Agenzia per la Cybersicurezza Nazionale (ANC), is investigating alleged hacking attempts by Paragon Solutions, according to a statement …
Read More »
The zLabs research team found a mobile malware campaign with nearly 900 malware samples aimed at Indian bank users. Analysis shows shared code, interfaces, and logos, indicating a single group behind the attacks on Android devices. Zimperium’s detection engine successfully identified these as Trojan Bankers targeting Indian financial institutions. This …
Read More »
Hackers are using HTTP client tools for advanced account takeover attacks on Microsoft 365. Seventy-eight percent of Microsoft 365 tenants have been targeted by attacks, showing the changing tactics of threat actors. HTTP client tools are software that allows users to send HTTP requests and receive responses from web servers. …
Read More »
A recent report from Cofense Intelligence highlights a concerning trend: threat actors are increasingly misusing .gov top-level domains (TLDs) to execute phishing campaigns. Between November 2022 and November 2024, attackers have leveraged vulnerabilities in government websites from various countries to host malicious content, act as command-and-control (C2) servers, and funnel …
Read More »
WhatsApp reveiled on Friday that a “zero-click” spyware attack, linked to the Israeli company Paragon, has targeted many users globally, including journalists and civil society members. The spyware targeted almost 100 WhatsApp users, including journalists, and operated without user interaction, links, or attachments, making it particularly dangerous. Reuters reported that …
Read More »
Tata Technologies reported a ransomware incident affecting some IT services, but it did not disrupt client deliveries, according to a company filing with BSE and the National Stock Exchange of India. Tata Technologies filed the disclosure on January 31, as required by SEBI regulations. Tata Technologies reported that a ransomware …
Read More »
Apple has issued security updates to address a zero-day flaw affecting iPhone users that is currently being exploited in attacks. A zero-day vulnerability, CVE-2025-24085, has been fixed today. It affects Apple’s Core Media framework and allows privilege escalation on iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. “A malicious application may …
Read More »
DeepSeek, a Chinese AI startup that recently surpassed OpenAI’s ChatGPT as the top free app on Apple’s App Store in the U.S., is experiencing a major cyber attack and has limit new user registrations. Founded in 2023, DeepSeek has rapidly become a strong contender in the AI industry, specializing in …
Read More »
The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising the agency’s networks earlier this month. According to a US Treasury letter addressed to US Senators Sherrod Brown (D-OH) and Tim Scott (R-SC) on Monday – the Chinese hackers gained …
Read More »
InfoSecBulletin Cybersecurity for mankind
