Tag: theft
-
UAT-5918 ATP group targets critical Taiwan
Cisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting. Cisco Talos uncovered UAT-5918, an info-stealing threat actor active since 2023, using web shells and open-source tools for persistence and credential theft. The APT UAT-5918 targets Taiwan, exploiting N-day vulnerabilities in unpatched servers for long-term…
-
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company’s Oracle Cloud federated SSO login servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records/
-
Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft
Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how… First seen on hackread.com Jump to article: hackread.com/checkpoint-zonealarm-driver-flaw-user-credential-theft/
-
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim…
-
UAT-5918 Hackers Exploit N-Day Vulnerabilities in Exposed Web and Application Servers
Tags: access, credentials, cyber, cybersecurity, data-breach, exploit, group, hacker, healthcare, infrastructure, theft, threat, vulnerability
A recent cybersecurity threat, identified as UAT-5918, has been actively targeting entities in Taiwan, particularly those in critical infrastructure sectors such as telecommunications, healthcare, and information technology. This advanced persistent threat (APT) group is believed to be motivated by establishing long-term access for information theft and credential harvesting. UAT-5918 gains initial access by exploiting known…
-
Infostealers Fuel 2.1B Credentials and 23M Host Infections
Cybercrime surged with a 33% spike in credential theft and 200 million credentials stolen in early 2025, signaling a daunting threat landscape for organizations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/infostealers-2-1b-credentials-23m-hosts/
-
Cryptohack Roundup: $6.1M Wemix Theft
Also: OKX Temporarily Suspends Services to Prevent Funds Laundering. This week, $6.1M Wemix theft, OKX suspended services, Vermont dropped Coinbase case, new RAT-targeted crypto wallet extensions, TJ Stone got prison time, Nebraska’s new crypto ATM rule, Trezor disclosed a potential bug and British prosecutors charged a former police officer for 50 Bitcoin theft. First seen…
-
State-Backed Hackers Exploiting Windows Zero-Day Since 2017
At least 11 state-sponsored hacking groups from North Korea, Iran, Russia, and China have been actively exploiting a newly uncovered Windows zero-day vulnerability in cyber espionage and data theft attacks since 2017. Despite clear evidence of exploitation, Microsoft has declined… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/zdi-can-25373-zero-day-exploited-since-2017/
-
UAT-5918 targets critical infrastructure entities in Taiwan
UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-5918-targets-critical-infra-in-taiwan/
-
Attack time frames are shrinking rapidly. Here’s how cyber teams can cope
Time frame changes to time to exploit: The time frames are quickly shortening as the focus by a variety of attackers’ ransomware efforts shift to data stealing first, rather than trying to collect ransoms. A recent Huntress Cyber Report shows that TTE, which the researchers refer to as “time-to-ransom” or TTR, has dropped to a few…
-
Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft
11 state-sponsored APTs exploit malicious .lnk files for espionage and data theft, with ZDI uncovering 1,000 such files used in attacks. At least 11 state-sponsored threat groups have been abusing Windows shortcut files for espionage and data theft, according to an analysis by Trend Micro’s Zero Day Initiative (ZDI). Trend ZDI researchers discovered 1,000 malicious…
-
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…
-
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft
ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands. The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/11-state-sponsored-apts-exploiting-lnk-files-for-espionage-data-theft/
-
New RAT malware used for crypto theft, reconnaissance
Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, ensure persistence, and extract sensitive information data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/
-
Cybersecurity in Crypto: Best Practices to Prevent Theft and Fraud
Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets… First seen on hackread.com Jump to article: hackread.com/cybersecurity-crypto-practices-to-prevent-theft-fraud/
-
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that’s designed to monitor a victim’s clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses…
-
New Microsoft 365 Attack Leverages OAuth Redirection for Credential Theft
Threat researchers at Proofpoint are currently tracking two sophisticated and highly targeted cyber-attack campaigns that are utilizing OAuth redirection mechanisms to compromise user credentials. These attacks combine advanced brand impersonation techniques with malware proliferation, focusing on Microsoft 365-themed credential phishing designed to facilitate account takeovers (ATOs), as per a report shared in the platform, X.…
-
Red Report 2025: Unmasking a 3X Spike in Credential Theft and Debunking the AI Hype
Credential theft surged 3× in a year, but AI-powered malware? More hype than reality. The Red Report 2025 by Picus Labs reveals attackers still rely on proven tactics like stealth & automation to execute the “perfect heist.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/red-report-2025-unmasking-a-3x-spike-in-credential-theft-and-debunking-the-ai-hype/
-
How AI fuels identity theft tactics
First seen on scworld.com Jump to article: www.scworld.com/perspective/how-ai-fuels-identity-theft-tactics
-
Feds seized $23 million in crypto stolen using keys from LastPass breaches
U.S. authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. U.S. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. Security researcher ZachXBT identified the victim…
-
UK Cybersecurity Weekly News Roundup 9 March 2025
Tags: android, attack, backdoor, breach, china, cloud, compliance, computer, cyber, cyberattack, cybercrime, cybersecurity, data, espionage, exploit, government, group, hacker, infrastructure, international, malware, microsoft, network, ransomware, regulation, resilience, service, skills, software, theft, update, vulnerability
Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. Microsoft Engineer’s Transition to Cybersecurity: Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master’s degree in computer science, Masrani secured…
-
US seizes $23 million in crypto linked to LastPass breaches
U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-seizes-23-million-in-crypto-stolen-via-password-manager-breach/
-
Strela Stealer Malware Attack Microsoft Outlook Users for Credential Theft
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to target specific email clients, notably Microsoft Outlook and Mozilla Thunderbird. This malware has been active since late 2022 and has been primarily used in large-scale phishing campaigns targeting users in several European countries, including Spain,…
-
US seizes $23 million in crypto stolen via password manager breach
U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-seizes-23-million-in-crypto-stolen-via-password-manager-breach/
-
Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware, a sophisticated infostealer designed to target specific email clients, notably Microsoft Outlook and Mozilla Thunderbird. This malware has been active since late 2022 and has been primarily used in large-scale phishing campaigns targeting users in several European countries, including Spain,…
-
Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4 terabytes of data and is threatening to leak it. The…