Daily Cyber Brief

The FBI warns about cybercriminals exploiting DeFi platforms, hackers hid malware in images from the James Webb telescope, and a Russian streaming platform admits to data breach...

Cybersecurity

Chinese Hackers Target Energy Sector in Australia, South China Sea

The Chinese state-aligned threat actor TA423 (aka Leviathan/APT40) is behind a sustained cyber-espionage campaign against countries and entities operating in the South China Sea, including organizations involved in an offshore wind farm in the Taiwan Strait…

Cyber Criminals Increasingly Exploit Vulnerabilities in Decentralized Finance Platforms to Obtain Cryptocurrency

The FBI is warning investors cyber criminals are increasingly exploiting vulnerabilities in decentralized finance (DeFi) platforms to steal cryptocurrency, causing investors to lose money. The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts…

Ukraine takes down cybercrime group hitting crypto fraud victims

The National Police of Ukraine (NPU) took down a network of call centers used by a cybercrime group focused on financial scams and targeting victims of cryptocurrency scams under the guise of helping them recover their stolen funds. The fraudsters behind these illegal…

Inside the IT Army of Ukraine, ‘A Hub for Digital Resistance’

Ukrainian cyber officials claim hundreds of thousands of people from around the world have volunteered to be part of a pick-up cyber force they call the IT Army of Ukraine. Click Here spoke to one of their key administrators at the start of the war and now we check back in with…

Hackers hide malware in James Webb telescope images

Threat analysts have spotted a new malware campaign dubbed ‘GO#WEBBFUSCATOR’ that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. The malware is written in Golang, a programming language…

Google Expands Bug Bounties to Its Open Source Projects

Google plans to pay out cash rewards for information on vulnerabilities discovered in any of its open source projects as part of an ongoing effort to improve the security of open source code. The new Open Source Software Vulnerability Rewards Program (OSS VRP), which…

Russian streaming platform confirms data breach affecting 7.5M users

Russian media streaming platform ‘START’ (start.ru) has confirmed rumors of a data breach impacting millions of users. The platform’s administrators shared that network intruders managed to steal a 2021 database from its systems and are now distributing samples online…

FBI, Secret Service join Kentucky investigation into $4 million cybercrime theft

The government of Lexington, Kentucky is working with the FBI and Secret Service to investigate $4 million in federal rent assistance and housing funds allegedly stolen by cybercriminals. In a statement to The Record, Mayor Linda Gorton said the city is already…

Chrome extensions with 1.4 million installs steal browsing data

Threat analysts at McAfee found five Google Chrome extensions that steal track users’ browsing activity. Collectively, the extensions have been downloaded more then 1.4 million times. The purpose of the malicious extensions is to monitor when users visit e-commerce…

India's Newest Airline Akasa Air Found Leaking Passengers' Personal Information

Akasa Air, India's newest commercial airline, exposed the personal data belonging to its customers that the company blamed on a technical configuration error. According to security researcher Ashutosh Barot, the issue is rooted in the account registration process, leading to…

Daily Cyber Brief

The FBI warns about cybercriminals exploiting DeFi platforms, hackers hid malware in images from the James Webb telescope, and a Russian streaming platform admits to data breach...

Cybersecurity

Join the conversation

Overt Operator