Daily Cyber Brief
Interpol arrests 2000 social engineers across 76 countries, DragonForce Malaysia attacks the Indian government, and over 24B credentials are already circulating on the dark web this year...
Cybersecurity
An international law enforcement operation, codenamed 'First Light 2022,' has seized 50 million dollars and arrested thousands of people involved in social engineering scams worldwide. The operation was led by Interpol with the assistance of police in 76 countries…
Iranian authorities have arrested a suspect allegedly involved in a cyberattack on the Tehran municipality’s website, media reported Wednesday. The official IRNA news agency gave no further details but said more information would be released later. The semi-official Tasnim…
A threat actor known as ‘Blue Mockingbird’ targets Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. The flaw leveraged by the attacker is CVE-2019-18935, a critical severity (CVSS v3.1: 9.8)…
Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists. Researchers are warning a post-COVID upsurge in travel has painted a bullseye on the travel industry and has spurred related cybercrimes…
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to…
Passwordless technology may be one of the most hyped categories in cybersecurity at the moment, but the reality on the ground is that passwords are still widely entrenched — and wildly insecure. Some 24.6 billion complete sets of usernames and passwords are currently…
Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco email gateway appliances with non-default configurations. The security flaw (tracked as CVE-2022-20798)…
In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India. According to a new advisory from Radware, a hacktivist group called DragonForce Malaysia, “with the assistance of several other threat…
Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. Citrix ADM is a web-based solution that provides admins with a centralized cloud-based…
Technical details have emerged on a high-severity vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without authentication or user interaction. The security issue is currently tracked as CVE-2022-27924 and impacts…