New DDoS-as-a-Service Platform Attacking Medical Institutions

Passion Group, a Killnet and Anonymous Russia affiliate, recently started providing DDoS-as-a-Service to pro-Russian hackers. During the attacks on January 27, the Passion Botnet was used to target medical institutions in the United States,…

Hackers Use TrickGate Packer to Deploy Emotet, Cobalt Strike & Other Malware

The cybersecurity analysts at Check Point Research recently reported that TrickGate, a shellcode-based packer, has been in operation for over six years without being detected. It has enabled threat actors to deploy various types of malware such as:…

Over 1800 Android Mobile App Web Injects for Sale on Hacking Forums

Cyble Research and Intelligence Labs (CRIL) is a security research organization that has been monitoring the actions of a group of cyber criminals called “InTheBox”. This group is primarily active on a Russian-language cybercrime forum, wh…

New Prilex Malware Blocks Contactless Payments to Steal Credit Card Data

Prilex is indeed a single threat actor that transformed from malware targeted at ATMs into distinctive modular point-of-sale (PoS) malware. Prilex has resurfaced with new upgrades that allow it to block contactless payment transactions. This is ex…

Hackers Abuse Microsoft’s ‘Verified Publisher’ OAuth Apps to Hack Organizations Cloud

Multiple fraudulent Microsoft Partner Network accounts were discovered to have created harmful OAuth applications, causing breaches in organizations’ cloud environments and leading to the theft of emails. As a result, Microsoft has taken action a…

GitHub Breach – Hackers Stole Code Signing Certificates From Repositories

GitHub announced that it suffered a security breach in which unauthorized individuals obtained access to specific development and release planning repositories and stole encrypted code-signing certificates for the Desktop and Atom applications. Hence, …

Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication

The lack of rate-limiting in Instagram was discovered by Gtm Mänôz, a security researcher from Kathmandu, Nepal. This flaw could have allowed an attacker to bypass Facebook’s two-factor authentication by validating the targeted user’s…

Hackers Exploiting Unpatched Exchange Servers in The Wild

Microsoft has been strongly encouraging its customers to keep updating their Exchange servers, in addition to taking steps to ensure that the environment remains secured with robust security implementations. While doing so, users can do the following t…

New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service

The identity of the individual behind the Golden Chickens malware-as-a-service has been uncovered by cybersecurity experts. The perpetrator, known online as “badbullzvenom,” has been identified in the real world. An extensive 16-month inves…

FBI Hacks Back Hive Ransomware Gang’s Infrastructure – Website Seized

As a result of an international law enforcement operation, the sites utilized by the Hive ransomware operation for both payments and data leaks on the Tor network were successfully taken over, following the FBI’s infiltration of the group’s…