Month: May 2022

Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files
GoodWill ransomware attackers share a three-page ransom note asking the victim to perform three tasks to get the decryption key- they want them to donate to the homeless, feed poor kids, and provide financial assistance to a patient in need....

The Verizon 2022 DBIR
The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this year’s data efforts once again and to have contributed for the past 8 years. The report provides interesting analysis of...

Microsoft Warned That Hackers Are Using More Advanced Techniques to Steal Credit Card Data
It has been observed by researchers from Microsoft that credit card skimmers are on the rise, in which threat actors are employing more sophisticated methods in order to hide their malicious code that steals information from consumers. In order to...

Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. “The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and...

Mental Health and Cybersecurity: Two Continuous Journeys
Mental health is health. A common refrain during Mental Health Awareness Month, and one that strikes true when embarking on a journey to improve your emotional wellbeing. Health is an ongoing journey, funnily, with many parallels to cybersecurity. So, in...

142 Million MGM Resorts Records Leaked on Telegram for Free Download
As seen by Hackread.com and researchers at VPNMentor, the leaked data includes sensitive PII information of MGM resort customers. On July 14th, 2020, Hackread.com reported that a hacker going by the online handle of NightLion stole several databases from the...

Hackers Compromise The Accounts Of Zola Registry Users
Posted on May 24, 2022 at 8:38 PM A popular wedding planning website Zola has become the latest victim of a hacking incident. The company revealed that it is aware that some unauthorized gift card orders are being offered online,...

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project
As shown in Figure 1 below, even early reviews can provide value. Figure 1: An early PullRequest code review. Catching Security Vulnerabilities Fresh eyes are golden here. As a developer with over a decade of experience in the industry, I’ve...

Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys
Two trojanized Python and PHP packages have been uncovered in what’s yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is “ctx,” a Python module available in the PyPi...

Performance improvements, snappier ports, and spring cleaning
TL/DR: Spring is in the air, so we’ve been hard at work the last two weeks kicking off the development of new product features and doing some timely spring cleaning. Get reacquainted with our Vulnerabilities page The vulnerabilities page allows...

Twisted Panda: Chinese APT Launch Spy Operation Against Russian Defence Institutes
In an analysis published recently by specialists at Check Point Research, a new spy campaign was discovered, dubbed “Twisted Panda”. This spy operation primarily targeted two Russian defense institutes and a research facility in Belarus. In the course of an...

Hackers Are Compromising Systems Using Snake Keylogger Malware
Posted on May 24, 2022 at 10:11 AM Cybersecurity researchers from HP Wolf Security have discovered a hacking campaign that utilizes PDF files to distribute the Snake Keylogger onto vulnerable endpoints. The researchers stated that the hackers begin their attack...