Cybersecurity Articles
-
Massive Data Leak: 760,000 Employee Records Exposed
A hacker known as ‘Nam3l3ss’ has leaked over 760,000 employee records from major organizations, including Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater. The compromised data encompasses…
-
Deloitte Breach: Brain Cipher’s Claims and Implications
In September 2024, the threat actor known as Brain Cipher claimed responsibility for leaking internal communications from Deloitte, a leading global auditing firm. The breach reportedly occurred when an Apache…
-
Docker Remote API servers Exploited
Cybercriminals are exploiting misconfigured Docker Remote API servers to deploy the Gafgyt malware, enabling them to launch Distributed Denial-of-Service (DDoS) attacks. Originally targeting Internet of Things (IoT) devices, Gafgyt has…
-
Costa Rica’s State-Owned Energy Company Hit With Ransomware
Costa Rica’s state-owned energy company, RECOPE, experienced a ransomware attack on November 27, 2024, forcing a shift to manual operations for fuel distribution. The incident disrupted digital payment systems, prompting…
-
Storm-1811: Hacking RMM Tools To Spread Ransomware
The cybercriminal group Storm-1811 has been exploiting remote monitoring and management (RMM) tools, such as Microsoft’s Quick Assist, to deploy Black Basta ransomware. They initiate attacks by flooding victims’ inboxes…
-
Horns&Hooves: Campaign Targets Users and Retailers with RATs via Fake Emails
The “Horns&Hooves” campaign, active since March 2023, has targeted over 1,000 victims—primarily private users, retailers, and service businesses in Russia—by distributing remote access trojans (RATs) like NetSupport RAT and BurnsRAT.…
-
SpyLoan: 8 Million Android Users Targeted by Malicious Apps
Over 8 million Android users have been affected by malicious loan applications, collectively termed “SpyLoan,” available on the Google Play Store. These 15 apps, identified by McAfee Labs, deceptively promise…
-
Rockstar 2FA: A New Phishing-as-a-Service Threat Targeting Microsoft 365 Accounts
A new phishing-as-a-service (PhaaS) platform named ‘Rockstar 2FA’ has emerged, enabling large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials. This service allows attackers to bypass multifactor authentication (MFA) by…
-
EBT Hacking: Millions Stolen from Vulnerable Recipients
Millions of dollars have been stolen from Electronic Benefits Transfer (EBT) accounts in a widespread hacking scheme, affecting vulnerable recipients like Frances Jacobson of Mobile, Alabama, who lost nearly all…
-
Beware: Cybercriminals Cloning Shopping Sites This Holiday Season
Cybercriminals are increasingly targeting online holiday shopping activities by launching sophisticated cyberattacks, such as phishing, website cloning, and RCE (Remote Code Execution) exploits, to steal sensitive information, including financial data.…
CyberCasta 