InfoSecBulletin Cybersecurity for mankind
Numerous thefts of multimillion-dollar proportions continue to haunt the cryptocurrency realm, and the most recent occurrence involves attackers draining tens of millions from numerous wallets linked to CoinEx.
There was a coordinated attack on different automaker websites. The attackers managed to collect vehicle IDs and other important car information. They then tried to sell this information on Telegram. Moreover, the infamous Remcos RAT has made a comeback, initiating a clandestine phishing attack targeting several organizations in Colombia.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
Delve into the latest trends from the past 24 hours to stay informed
The platform’s wallets were breached, resulting in the theft of $55 million worth of ETH, TRON, and Polygon coins. CoinEx has officially acknowledged the occurrence of this significant hack. The affected wallet addresses were identified and isolated by the firm.
ALSO READ:
Researcher awarded discovering a Two-Factor Authentication bypass in Facebook
Around 15,000 hacked accounts were discovered by cybersecurity firm Kasada, which were then utilized in an automated attack intended to seize control of various automaker websites. The attack aimed to obtain valuable information, such as vehicle IDs along with car makes and models. Subsequently, this confidential data was made available for sale in exclusive Telegram channels.
Microsoft has successfully deciphered a novel phishing campaign called Storm-0324, in which the perpetrators utilized a publicly accessible tool named TeamsPhishers to breach corporate networks. In the past, the threat actor has been involved as both an initial access broker and a member of the esteemed FIN7 APT group.
A new phishing campaign has been discovered by researchers. This campaign utilizes Microsoft Word documents as a means to distribute harmful malware such as OriginBot, Agent Tesla, and RedLine Clipper onto targeted individuals’ systems. These malware strains enable attackers to siphon cryptocurrency and steal sensitive data.
macOS business users are now being targeted by a dangerous new malware called MetaStealer. This emerging threat has recently been detected in the wild and requires immediate attention. The malware, coded in Golang, is spread using cunning social engineering techniques. Attackers masquerade as fake clients and entice unsuspecting victims into running harmful payloads.
