cybersecurity threats
-
Australian Retirement Funds Targeted in Cyberattack, Thousands Affected
The Australian retirement fund sector is in turmoil following a series of cyberattacks that have led to unauthorized access of customer accounts. Approximately 8,000 members of Rest super fund have been identified as potentially affected, with broader implications for other funds as investigations continue into the security breaches.
-
Data Breach at Europcar Exposes Personal Information of Up to 200,000 Customers
Europcar Mobility Group suffered a data breach resulting in the exposure of personal information belonging to up to 200,000 customers. The breach involved unauthorized access to GitLab repositories, with demands for extortion made by the threat actor.
-
New Phishing-as-a-Service Operation Utilizes Advanced Evasion Techniques
The Morphing Meerkat phishing operation employs advanced techniques including DNS over HTTPS to evade detection and deliver dynamic spoofed login pages for over 114 brands.
-
Cloudflare Open-Sources OPKSSH to Enhance SSH Management with Single Sign-On Integration
Cloudflare has announced the open-sourcing of OPKSSH, a tool that integrates single sign-on technologies into SSH management, enhancing security and user convenience by replacing long-lived SSH keys with ephemeral keys generated on demand.
-
New Cybercrime Platform Automates Credential Stuffing Attacks on 140 Online Services
The newly discovered Atlantis AIO platform automates credential stuffing attacks against 140 online services, providing cybercriminals with tools to exploit vulnerabilities in systems lacking adequate security measures.
-
Sam’s Club Investigates Potential Clop Ransomware Breach
Sam’s Club is investigating claims of a potential Clop ransomware breach, amidst heightened scrutiny on security measures. The supermarket chain operates hundreds of locations across multiple countries and prioritizes customer data security.
-
Fake DeepSeek Ads Spread Malware Through Google Search Results
Fake ads impersonating the AI company DeepSeek are spreading malware via Google search results, with the campaign identified by Malwarebytes researchers. The ads lead users to malicious sites that deploy a Trojan targeting cryptocurrency wallets.
-
FamousSparrow Hackers Enhance Cyber Attacks with Modular Backdoor
A China-linked cyberespionage group known as FamousSparrow has intensified its operations by deploying an upgraded version of its backdoor malware, SparrowDoor, against several organizations, including a US-based trade group. ESET researchers have identified significant improvements in the malware’s structure and capabilities, raising concerns about the group’s access to advanced cyber tools.
-
Malaysian PM Declines $10 Million Ransom Following Cyber Attack on Kuala Lumpur Airport
Malaysian Prime Minister Anwar Ibrahim has firmly rejected a $10 million ransom demand from hackers following a cyber attack that disrupted operations at Kuala Lumpur International Airport, emphasizing the importance of national cybersecurity.
-
New Phishing Kit Targets Users by Impersonating 114 Brands Using DNS
Cybersecurity researchers have identified a new phishing-as-a-service platform dubbed Morphing Meerkat, which utilizes DNS records to execute targeted phishing attacks against 114 brands, employing sophisticated techniques to manage and disseminate stolen credentials.
