Month: May 2022

Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files

GoodWill ransomware attackers share a three-page ransom note asking the victim to perform three tasks to get the decryption key- they want them to donate to the homeless, feed poor kids, and provide financial assistance to a patient in need....

/ May 25, 2022

The Verizon 2022 DBIR

The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this year’s data efforts once again and to have contributed for the past 8 years. The report provides interesting analysis of...

/ May 25, 2022

Microsoft Warned That Hackers Are Using More Advanced Techniques to Steal Credit Card Data

It has been observed by researchers from Microsoft that credit card skimmers are on the rise, in which threat actors are employing more sophisticated methods in order to hide their malicious code that steals information from consumers. In order to...

/ May 25, 2022

Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. “The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and...

/ May 25, 2022

Mental Health and Cybersecurity: Two Continuous Journeys

Mental health is health. A common refrain during Mental Health Awareness Month, and one that strikes true when embarking on a journey to improve your emotional wellbeing. Health is an ongoing journey, funnily, with many parallels to cybersecurity. So, in...

/ May 25, 2022

142 Million MGM Resorts Records Leaked on Telegram for Free Download

As seen by Hackread.com and researchers at VPNMentor, the leaked data includes sensitive PII information of MGM resort customers. On July 14th, 2020, Hackread.com reported that a hacker going by the online handle of NightLion stole several databases from the...

/ May 24, 2022

Hackers Compromise The Accounts Of Zola Registry Users

Posted on May 24, 2022 at 8:38 PM A popular wedding planning website Zola has become the latest victim of a hacking incident. The company revealed that it is aware that some unauthorized gift card orders are being offered online,...

/ May 24, 2022

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project

As shown in Figure 1 below, even early reviews can provide value. Figure 1: An early PullRequest code review. Catching Security Vulnerabilities Fresh eyes are golden here. As a developer with over a decade of experience in the industry, I’ve...

/ May 24, 2022

Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what’s yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is “ctx,” a Python module available in the PyPi...

/ May 24, 2022

Performance improvements, snappier ports, and spring cleaning

TL/DR: Spring is in the air, so we’ve been hard at work the last two weeks kicking off the development of new product features and doing some timely spring cleaning. Get reacquainted with our Vulnerabilities page The vulnerabilities page allows...

/ May 24, 2022

Twisted Panda: Chinese APT Launch Spy Operation Against Russian Defence Institutes

In an analysis published recently by specialists at Check Point Research, a new spy campaign was discovered, dubbed “Twisted Panda”. This spy operation primarily targeted two Russian defense institutes and a research facility in Belarus. In the course of an...

/ May 24, 2022

Hackers Are Compromising Systems Using Snake Keylogger Malware

Posted on May 24, 2022 at 10:11 AM Cybersecurity researchers from HP Wolf Security have discovered a hacking campaign that utilizes PDF files to distribute the Snake Keylogger onto vulnerable endpoints. The researchers stated that the hackers begin their attack...

/ May 24, 2022