Daily Cyber Brief

Chinese APT spies on Russian Defense Institutes, Google confirms several nation-states buying Android 0-days, and Anonymous targets Killnet...

Cybersecurity

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

The Pro-Russia Hacker Group Killnet recently targeted European institutions, while Anonymous hackers are already claiming to have leaked the group’s personal information in a database dump. The Anonymous hacktivists collective announced declaring cyberwar…

South Korean and US presidents gang up on North Korea's cyber-offensives

US president Biden and South Korea's new president Yoon Suk Yeol have pledged further co-operation in many technologies, including joint efforts to combat North Korea. While the US agreed to deploy physical weapons and hold military drills if necessary to defend the South…

GM credential stuffing attack exposed car owners' personal info

US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers' information and allowed hackers to redeem rewards points for gift cards. General Motors operates an online platform to help owners of…

Zola confirms cyberattack that reportedly drained hundreds from wedding registry accounts

Wedding registry website Zola confirmed that it was hit with a cyberattack over the weekend after dozens of customers complained on social media about their accounts being drained or breached. A Zola spokesperson told The Record that about 3,000 accounts…

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

A security researcher claims to have discovered an unpatched vulnerability in PayPal's money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing…

Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems

Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries seeking to distribute malware to a mass audience. The latest case in point is…

Hackers can hack your online accounts before you even register them

Security researchers have revealed that hackers can hijack your online accounts before you even register them by exploiting flaws that have been already been fixed on popular websites, including Instagram, LinkedIn, Zoom, WordPress, and Dropbox. Andrew Paverd…

Chinese "Twisted Panda" Hackers Caught Spying on Russian Defense Institutes

At least two research institutes located in Russia and a third likely target in Belarus have been at the receiving end of an espionage attack by a Chinese nation-state advanced persistent threat (APT). The attacks, codenamed "Twisted Panda," come in the backdrop of Russia's…

Ransomware attack on nonprofit causes data breach of 500,000 students, teachers in Chicago

A December ransomware attack on Ohio educational nonprofit Battelle for Kids led to a data breach involving the personal information of about 500,000 Chicago-area students and 60,000 teachers. In breach notification letters sent out Friday, Chicago Public Schools…

Multiple Governments Buying Android Zero-Days for Spying: Google

At least eight governments around the world have purchased a package of Android zero-day exploits from a company called Cytrox and are using them to install spyware on targets' mobile phones. The development highlights the sophistication of off-the-shelf surveillance…

Daily Cyber Brief

Chinese APT spies on Russian Defense Institutes, Google confirms several nation-states buying Android 0-days, and Anonymous targets Killnet...

Cybersecurity

Join the conversation

Overt Operator