According to Malwarebytes, scammers have been capitalising on recent news of Elon Musk’s twitter purchase to push scam cryptocurrencies to users. Bot accounts posing as Elon Musk have been posting fake replies to tweets directing users to a fake version of news outlet Medium, on the page of a fake article advertising a cryptocurrency giveaway. Everything about the page is intended to convince the visitor that it’s all genuine, down to the numerous comments from “Medium users” saying they received their funds. Included on the page is a message saying: “Tesla 100 000 ETH Giveaway! To verify your address, just…
Author: ISBuzz Team
Following the news that: Coca Cola Investigates Potential Data Breach Coca Cola is investigating reports of data breach after claim Stormous ransomware group stole data | Daily Mail Online Security experts commented below.
The New York Times is reporting Elon Musk and Twitter Reach Deal for Sale. Twitter has agreed to be taken over at $54.20 a share, a 38 percent premium over the share price when it was revealed Mr. Musk has been buying up the company’s stock. Elon Musk had this to say: “Free speech is the bedrock of a functioning democracy, and Twitter is the digital town square where matters vital to the future of humanity are debated,” Mr. Musk said in a statement announcing the deal. “Twitter has tremendous potential — I look forward to working with the company and…
It has been announced that the Lapsus$ hacking group has claimed another victim: U.S. telecom giant T-Mobile. T-Mobile’s latest security incident was first revealed by security journalist Brian Krebs, who obtained a week’s worth of private chat messages between the core members of Lapsus$. According to the data, Lapsus$ had access to T-Mobile’s network by compromising employee accounts, either by buying leaked credentials or through social engineering.
Last week at Pwn2Own Miami 2022, a hacking contest focusing on industrial control systems (ICS), contestants earned a total of $400,000 for their exploits. Two Dutch researchers even took home $90,000 and a championship trophy by targeting the software that helps run the world’s critical infrastructure. The worst part? They said it was their “easiest challenge yet.” Naturally, these feats raise the question: Why is it so easy to break into the systems that run the world’s most critical, far-reaching technologies?
As reported by Decrypt, cypto exchange Binance has recovered a small fraction of the $622 million stolen from Sky Mavis’s Ethereum sidechain Ronin last month, according to a tweet by exchange CEO Changpeng “CZ” Zhao. Sky Mavis is the developer team behind the popular play-to-earn crypto game Axie Infinity. Zhao tweeted that the North Korean hacking group responsible for the theft began channeling some of the loot on the exchange across “over 86 accounts” and that “$5.8M has been recovered.
Please see comment below by cyber security experts on how agriculture organisations can protect themselves against cyberattacks after the FBI’s warning on increased attacks by ransomware gangs on the sector.
Analytics company Varonis found one of its customers had multiple devices and file servers compromised and encrypted by the threat group known as Hive. The initial indicator of compromise was the successful exploitation of Microsoft Exchange via vulnerabilities known as ProxyShell. Hive is built for distribution in a Ransomware-as-a-service model that enables affiliates to utilize it as desired. The variant uses common ransomware tactics, techniques, and procedures (TTPs) to compromise victims’ devices. While taking live actions, the operator disables anti-malware protections and then exfiltrates sensitive data and encrypts business files. Their affiliates use multiple mechanisms to compromise their victims’ networks,…
Following reports this morning of international intelligence agency, Five Eyes, warning of Russian cyber attacks, please find below a comment from cybersecurity expert on the ways to shore up corporate cybersecurity in a climate of tension and raised threat levels.
Cybercriminals are now using a more varied arsenal of attack methods to target cloud environments, including shifting focus from Docker to Kubernetes. These findings were revealed in recent research from Aqua Security, which discovered that attackers are increasingly utilising cryptominers, backdoors, rootkits and credential stealers to infiltrate cloud environments.
