Daily Cyber Brief

The source code for a Rust malware was released for free, a Russian-based ransomware C2 was found on a U.S. network, and T-Mobile to pay $500M...

Cybersecurity

Cyber-mercenaries for hire represent shifting criminal business model

An emerging and fast-growing threat group is using a unique business model to offer cybercriminals a broad range of services that span from leaked databases and distributed denial-of-service (DDoS) attacks to hacking scripts and, in the future, potentially ransomware…

T-Mobile to pay $500M for one of the largest data breaches in US history

When T-Mobile compromised the sensitive personal information of more than 76 million current, former, and prospective customers in 2021, plaintiffs involved in a class action lawsuit complained that the company continued profiting off their data while attempting…

Source code for Rust-based info-stealer released on hacker forums

The source code for an information-stealing malware coded in Rust has been released for free on hacking forums, with security analysts already reporting that the malware is actively used in attacks. The malware, which the author claims to have developed in just six hours…

Researcher finds Russia-based ransomware network with foothold in U.S.

A Russia-based ransomware command and control network has been found to have a foothold in at least one U.S. network, according to researchers from attack surface management firm Censys. Matt Lembright, director of federal applications at Censys, told The Record that…

Magecart Hacks Food Ordering Systems to Steal Payment Data from Over 300 Restaurants

Three restaurant ordering platforms MenuDrive, Harbortouch, and InTouchPOS were the target of two Magecart skimming campaigns that resulted in the compromise of at least 311 restaurants. The trio of breaches has led to the theft of more than 50,000 payment card…

Rare 'CosmicStrand' UEFI Rootkit Swings into Cybercrime Orbit

A Windows firmware rootkit known as "CosmicStrand" has appeared in the cyberthreat firmament, targeting the Unified Extensible Firmware Interface (UEFI) to achieve stealth and persistence. UEFI firmware is tasked with booting up Windows computers, including the…

Indian Insurance Portal Policybazaar Suffers Breach

Indian insurance company Policybazaar has warned that it suffered a data breach. The company’s owner PB Fintech, warned in a letter on Sunday that it had discovered “illegal and unauthorized access” exploiting vulnerabilities in its systems on July 19…

Hackers exploited PrestaShop zero-day to breach online stores

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information. The PrestaShop team issued an urgent warning last Friday, urging…

Italy investigating ransomware attack on tax agency

Prolific ransomware group LockBit added Italy’s tax agency to its list of victims this weekend, but the company investigating the alleged attack said Monday there was no evidence of a breach. L’Agenzia delle Entrate did not respond to requests for comment but released a…

Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France

The mobile threat campaign tracked as Roaming Mantis has been linked to a new wave of compromises directed against French mobile phone users, months after it expanded its targeting to include European countries. No fewer than 70,000 Android devices are said…

Daily Cyber Brief

The source code for a Rust malware was released for free, a Russian-based ransomware C2 was found on a U.S. network, and T-Mobile to pay $500M...

Cybersecurity

Join the conversation

Overt Operator