Threat actors have begun using progressive web applications (PWA) to impersonate banking apps with the goal of tricking victims into unwillingly handing over online banking credentials. PWAs have been defined as, ...an app that's built using web platform technologies, but that provides a us
Kootenai Health, a not-for-profit healthcare provider in Idaho, operating the largest hospital in the region, offering a wide range of medical services, including emergency care, surgery, cancer treatment, cardiac care, and orthopedics, disclosed they had suffered a data breach. Approximately over
A recent article published by Reuters shows a marked increase in GPS Spoofing attacks targeting airlines. GPS spoofing is a malicious attack in which Global Positioning System (GPS) data is manipulated to mislead a GPS receiver about its actual location. This could cause significant disruptions, as
In a statement released by INTERPOL, it was revealed the international policing agency helped recover 40 million USD stolen from a victim who suffered a Business Email Compromise (BEC) attack. These are attacks where threat actors compromise an enterprises' email service, then trick employees to pa
A recent report by Zscaler revealed that the Dark Angels ransomware gang received a record-breaking 75 million USD ransom payment from a Fortune 50 company. The report stated, In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amoun
According to a recent report by Microsoft Threat Intelligence, researchers discovered a vulnerability in ESXi hypervisors being exploited by several ransomware operators to obtain full administrative permissions on domain-joined ESXi hypervisors. In practice, these hypervisors are installed on serv
To say that the financially motivated, advanced persistent threat group FIN7 is notorious is an understatement. The Russian-speaking group of hackers has been active since 2013 and primarily focused on financial fraud and stealing credit card details. The group then moved to the ransomware game in a
MuddyWater, also tracked as Earth Vetala, MERCURY, Static Kitten, and Seedworm, is an Iranian state-sponsored threat actor that has been active since 2017. In the past, we have seen the group extensively use zero-day exploits on several separate occasions. The group has also proven highly capable o
On July 2, 2024, Ethereum disclosed that a threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. Summarizing the attack, Ethereum noted: The threat actor imported a large email l
A banking trojan first discovered in 2020 has made a comeback, according to threat intelligence firm Cleafy. Called Medusa, not to be confused by the ransomware gang or the botnet going by the same name, the malware targets Android devices and is offered as a Malware-as-a-Service to other threat act