Cyber Attack

LightSpy mobile espionage campaign, which focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus and grow tensions in the region. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country. Technical Details: Infection …

ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …

Apple warned users in 91 other countries about a possible “mercenary spyware attack”. Apple notified Reuters that the company found evidence of attackers attempting to remotely compromise iPhones. Mercenary spyware attacks are rare but much more sophisticated than regular cybercriminal activity or malware, as stated in the email. Apple also …

Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …

Vietnamese hackers are targeting businesses in Asia to get corporate credentials and financial data to sell online. Researchers at Cisco Talos found a group of hackers, known as CoralRaider, targeting India, China, South Korea, Bangladesh, Pakistan, Indonesia, and local entities with a specific type of malware. Talos believes that the …

They were supposed to be under lock and key, in a secure storage room deep inside Europol’s headquarters in The Hague. But a clutch of highly sensitive files containing the personal information of top law enforcement executives went missing last summer. Europe’s law enforcement agency has been mired in a …

A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board. The group called INC Ransom claims to have three terabytes of data. NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients …

A new spying campaign has been discovered that targets Indian government agencies and the energy sector, using a modified open-source tool called HackBrowserData to steal browser credentials, cookies, and history. Researchers from EclecticIQ, a Dutch cybersecurity firm, found a hacking campaign in early March. They didn’t identify the hackers but …

StrelaStealer malware steals email login data from popular email clients and sends it to the attacker’s server. The attacker can then use this information to launch more attacks. Since its first appearance in 2022, the threat actor has carried out many email campaigns and shows no sign of stopping. Unit42 …

Hacker allegedly exploiting two popular vulnerabilities to attack U.S. defense contractors, U.K. government entities and institutions in Asia, according to new report by Google owned security firm Mandiant. The report focused on UNC5174, a threat actor. According to Mandiant, UNC5174 used to be a member of Chinese hacktivist groups. However, …