Daily Cyber Brief

Lazarus targets crypto experts with fake Coinbase job offers, 5.4M Twitter accounts were leaked in January, and Slack refreshed passwords after some were exposed in a bug...

Cybersecurity

North Korean hackers target crypto experts with fake Coinbase job offers

A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in the fintech industry. A common tactic the hacking group uses is to approach targets over LinkedIn to…

Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number

Twitter officially confirmed that a January breach led to the leak of information connected to 5.4 million accounts. Two weeks ago, a hacker on Breach Forums offered email addresses and phone numbers connected to the accounts, which they said ranged from…

Cisco warns of critical vulnerabilities in routers

Cisco this week urged customers to patch three vulnerabilities discovered in a handful of its routers. The company said the vulnerabilities — which could affect Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers — could allow an unauthenticated remote…

New GwisinLocker ransomware encrypts Windows and Linux ESXi servers

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. The new malware is the product of…

Open Redirect Flaw Snags Amex, Snapchat User Data

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally identifiable information (PII) using…

Facebook finds new Android malware used by APT hackers

Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. These cyberspying…

Genesis IAB Market Brings Polish to the Dark Web

The growing role of so-called initial access brokers (IABs) in the underground cybercrime economy is reflected in evolution of Genesis Marketplace, one of the earliest full-fledged markets for IABs, which has grown more sophisticated and polished over time…

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its…

UK NHS suffers outage after cyberattack on managed service provider

United Kingdom's National Health Service (NHS) 111 emergency services are affected by a significant and ongoing outage triggered by a cyberattack that hit the systems of British managed service provider (MSP) Advanced. Advanced's Adastra client patient…

Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

Slack said it took the step of resetting passwords for about 0.5% of its users after a flaw exposed salted password hashes when creating or revoking shared invitation links for workspaces. "When a user performed either of these actions, Slack transmitted a hashed…

Daily Cyber Brief

Lazarus targets crypto experts with fake Coinbase job offers, 5.4M Twitter accounts were leaked in January, and Slack refreshed passwords after some were exposed in a bug...

Cybersecurity

Join the conversation

Overt Operator