Twilio’s Authy App Breach Exposes Millions of Phone Numbers

Leave a Comment / Cyber Attacks /

Unidentified threat actors exploited an unauthenticated endpoint in Authy to find information connected to Authy accounts, including user phone numbers, according to cloud communications provider Twilio. The business claimed to have secured the endpoint so that it could no longer receive requests without authentication. This happened just a few days after a user going by […]

Twilio’s Authy App Breach Exposes Millions of Phone Numbers Read More »

WikiLeaks’ Julian Assange Released from U.K. Prison, Heads to Australia

Leave a Comment / Data Breach /

Julian Assange, the founder of WikiLeaks, was released from a high security prison at Belmarsh, England, and left the country after more than five years of imprisonment for what the US government called the “largest compromises of classified information” in its history. Assange, 52, entered a guilty plea to one single count of arranging to

WikiLeaks’ Julian Assange Released from U.K. Prison, Heads to Australia Read More »

Data of Nigerian Citizens sold online for 100 Naira

Leave a Comment / Data Breach /

The Paradigm Initiative, a digital rights organisation, has discovered that millions of Nigerians’ personal data is being sold on the internet for as little as 100 Naira (7 cents). This contains private information like a person’s phone number, driving licence, international passport, tax identification number (TIN), permanent voter’s card (PVC), driving licence, bank verification number

Data of Nigerian Citizens sold online for 100 Naira Read More »

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters

Leave a Comment / Malware /

An ongoing effort of cryptojacking has been brought to light by cybersecurity researchers, which mines Dero money using misconfigured Kubernetes systems. The activity was made public by cloud security company Wiz, which stated it was an enhanced version of a financially driven operation that CrowdStrike had initially reported on in March 2023. Wiz researchers Avigayil

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters Read More »

$3 Million Was Stolen From Kraken Crypto Exchange Using a Zero-Day Vulnerability

Leave a Comment / Vulnerabilities /

The cryptocurrency exchange Kraken disclosed that an anonymous security researcher had taken advantage of a “very critical” zero-day vulnerability in its system to pilfer $3 million worth of digital assets, and was refusing to give them back. Chief Security Officer of Kraken, Nick Percoco, provided details of the incident on X (formerly Twitter). He said

$3 Million Was Stolen From Kraken Crypto Exchange Using a Zero-Day Vulnerability Read More »

Hackers Exploit GitHub and FileZilla to Deliver Malware Cocktail

Leave a Comment / Malware /

A “multi-faceted campaign” has been observed that uses reputable services such as GitHub and FileZilla to propagate a variety of banking trojans and stealer malware, including Vidar, Atomic (also known as AMOS), Lumma (also known as LummaC2), and Octo, by posing as reliable programmes such as 1Password, Bartender 5, and Pixelmator Pro. “The presence of

Hackers Exploit GitHub and FileZilla to Deliver Malware Cocktail Read More »

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

Leave a Comment / Uncategorized /

Dmitry Yuryevich Khoroshev, a 31-year-old Russian national, is the administrator and creator of the LockBit ransomware campaign, according to the U.K. National Crime Agency (NCA). The Australian Department of Foreign Affairs, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), and the Foreign, Commonwealth and Development Office (FCD) of the United Kingdom

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator Read More »

Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials

Leave a Comment / Malware /

It has been noted that malicious Android apps that pose as Google, Instagram, Snapchat, WhatsApp, and X (previously Twitter) can steal user credentials from devices that have been hijacked. In a recent analysis, the threat research team at SonicWall Capture Labs stated that “this malware uses famous Android app icons to mislead users and trick

Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials Read More »

Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia

Leave a Comment / Uncategorized /

A former National Security Agency (NSA) employee in the United States was given a sentence of nearly 22 years (262 months) in jail for trying to send confidential documents to Russia. “This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that

Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia Read More »