DPP Law, a firm in the United Kingdom, didn't think a data theft was worth reporting to the authorities.

#law #cyberattack #cybersecurity #datatheft #datasecurity

https://cnews.link/law-firm-data-breach-fine-dark-web-1/

New Google Phishing Scam Targets Crypto Users with Legitimate Emails.

#cryptocurrency #Cybercrime #datatheft #google #Phishing
https://blazetrends.com/new-google-phishing-scam-targets-crypto-users-with-legitimate-emails/?fsp_sid=14109

Malicious JScript Loader Jailbreaked to Uncover Xworm Payload Execution Flow

A new malware campaign has been identified leveraging JScript and obfuscated
PowerShell commands to deliver highly evasive malware variants XWorm and
Rhadamanthys. These threats are distributed using fileless techniques, making
them extremely difficult to detect using traditional antivirus solutions. The
campaign primarily targets Windows environments and utilizes scheduled tasks
or deceptive ClickFix CAPTCHA screens to trick users into executing malicious
payloads. Such loaders are often seen in enterprise environments, where attackers
aim to infiltrate business systems for espionage, data theft, or financial gain.

Pulse ID: 67fef516074ec94b68f3a8e7
Pulse Link: https://otx.alienvault.com/pulse/67fef516074ec94b68f3a8e7
Pulse Author: cryptocti
Created: 2025-04-16 00:08:54

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Hertz data breach: Customers in US, EU, UK, Australia and Canada affected https://www.helpnetsecurity.com/2025/04/15/hertz-data-breach-customers-in-us-eu-uk-australia-and-canada-affected/ #databreach #Don'tmiss #Australia #datatheft #Hotstuff #Canada #News #USA #EU #UK

Ouch, that Hertz

"Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks."

https://www.bleepingcomputer.com/news/security/hertz-confirms-customer-info-and-drivers-licenses-stolen-in-data-breach/

Beware! Fake 'NextGen mParivahan' Malware Returns

A new variant of the fake NextGen mParivahan malware has emerged, exhibiting enhanced stealth and data theft capabilities. The malware, disguised as a government traffic notification system, tricks users into downloading a malicious app that requests extensive permissions. This latest version targets messages from social media, communication, and e-commerce apps, posing a greater threat to user privacy. It employs advanced techniques such as malformed APKs, multi-stage dropper-payload architectures, and dynamic C2 generation to evade detection. The malware steals sensitive data, including SMS messages and notification content, uploading it to Firebase or a C2 server. Its ability to access notifications, SMS, and app data significantly risks user privacy, highlighting the need for improved security awareness and analysis tools.

Pulse ID: 67f6b1c771e854bfa88f7cfd
Pulse Link: https://otx.alienvault.com/pulse/67f6b1c771e854bfa88f7cfd
Pulse Author: AlienVault
Created: 2025-04-09 17:43:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Vidar Stealer: Infostealer malware discovered in Steam game

A recent analysis uncovered a sophisticated deployment of Vidar Stealer, an infamous information-stealing malware, disguised as a legitimate Microsoft Sysinternals tool, BGInfo.exe. The malware, found with an expired Microsoft signature, was significantly larger than the original file and contained modified initialization routines. It creates virtual memory allocations to execute its malicious code, ultimately extracting and running Vidar Stealer. This variant maintains its core functionalities, including credential theft, cryptocurrency wallet targeting, session hijacking, and cloud data theft. The incident highlights the evolving tactics of cybercriminals, emphasizing the need for vigilant threat hunting and proactive security measures.

Pulse ID: 67f42a4eca9270b211468d90
Pulse Link: https://otx.alienvault.com/pulse/67f42a4eca9270b211468d90
Pulse Author: AlienVault
Created: 2025-04-07 19:41:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Oshawa, Ont., man charged after allegedly stealing, leaking Texas Republican Party data
An Ontario man is facing charges in an alleged theft and leak of Texas Republican Party data in 2021. The accused gained unauthorized access to a third-party hosting company's computer system to "deface and download a backup of Texas Republican Party's...
#Politics #Crime #DataTheft #Oshawa #Texas #Ontario
https://www.cbc.ca/news/canada/toronto/oshawa-man-charged-texas-republican-party-data-1.7502188?cmp=rss

North Korean IT workers set their sights on European organizations https://www.helpnetsecurity.com/2025/04/02/north-korean-it-workers-target-europe/ #webapplication #webdevelopment #insiderthreat #blockchain #NorthKorea #Don'tmiss #datatheft #extortion #Hotstuff #News #CMS #EU #UK

From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic

Lazarus, a North Korean state-sponsored threat actor, has launched a new campaign called ClickFake Interview targeting cryptocurrency job seekers. This campaign, an evolution of the previously documented Contagious Interview, uses fake job interview websites to deploy the GolangGhost backdoor on Windows and macOS systems. The infection chain leverages the ClickFix tactic, downloading and executing malicious payloads during the interview process. The campaign primarily targets centralized finance (CeFi) entities, aligning with Lazarus' focus on cryptocurrency-related targets. Notable changes include targeting non-technical roles and using ReactJS-based websites for the fake interviews. The malware provides remote control and data theft capabilities, including browser information exfiltration.

Pulse ID: 67ebff51da5765b1e4d9509e
Pulse Link: https://otx.alienvault.com/pulse/67ebff51da5765b1e4d9509e
Pulse Author: AlienVault
Created: 2025-04-01 14:59:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Steam removes game demo distributing Information-Stealing malware
#cybersecurity #infosec #incident #datatheft
https://beyondmachines.net/event_details/steam-removes-game-demo-distributing-information-stealing-malware-f-e-e-z-6/gD2P6Ple2L

Real-Time Anti-Phishing: Essential Defense Against Evolving Cyber Threats

Phishing remains a prevalent cybersecurity threat, causing financial loss, data theft, and malware deployment. Attackers are expanding targets across platforms and using AI to refine techniques, making detection more challenging. Real-time anti-phishing (RTAP) solutions using AI and machine learning are crucial to combat emerging threats. Recent trends show Facebook as a consistent target, with Roblox and various platforms like Telegram, Coinbase, and PayPal also being targeted. FortiGuard Labs offers advanced RTAP services, employing machine learning, URL reputation checks, and content analysis. Employee awareness and education are essential, with tools like FortiPhish and FortiSAT available for training. The evolving nature of phishing attacks necessitates continuous adaptation of cybersecurity measures to stay ahead of cybercriminals.

Pulse ID: 67dd4070048ce03fee7085c4
Pulse Link: https://otx.alienvault.com/pulse/67dd4070048ce03fee7085c4
Pulse Author: AlienVault
Created: 2025-03-21 10:33:20

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

THIS IS THE #DATA THAT #TRUMP #MUSK #DOGE HAS #STOLEN FROM EVERY #AMERICAN #CITIZEN...

Arcane stealer: We want all your data – Source: securelist.com https://ciso2ciso.com/arcane-stealer-we-want-all-your-data-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Malwarereports #securelistcom #Trojanstealer #Infostealers #Webthreats #datatheft #Discord #YouTube #Arcane #Trojan

Hackers Allegedly Selling Firewall Access to Canon Inc on Hacking Forums https://cybersecuritynews.com/hackers-allegedly-selling-firewall-access-to-canon/ #CyberSecurityNews #cybersecuritynews #CyberSecurity #cybersecurity #DataTheft

DON'T WORRY. ELON HAS YOUR DATA TOO! 250 MILLION DOLLARS BOUGHT DONALD TRUMP!
#SharePost #Trump #Corruption #MAGA #ShareThisPost #reposteria #ShareThis #Oligarchy #cruelty #billionaire #datatheft #DataPrivacy

https://www.engadget.com/cybersecurity/eff-sues-elon-musk-and-doge-to-block-their-access-to-federal-employee-data-042245323.html

The hard-working folk of the Australian Signals Directorate, a department that rarely gets mentioned (and they like it that way) has completed a major coup ASD against the Russian group who snatched millions of records from Australia's Medibank health insurance provider a couple of years ago.

With the help of the UK and US, they identified the major players, located the servers, and wiped out 250 𝘵𝘦𝘳𝘢𝘣𝘺𝘵𝘦𝘴 of stolen data; the Australian info, and that of many more organisations.

All gone, bye-bye.

The people who ran the show went out for a drink (Russian style, so they got blotto), and while they were in no position to respond, the ASD snuck in to their system and did the deed. The show runners are now sanctioned and on catch-and-keep lists.

Well done, everybody!

#AusPol #Medibank #Australia #Russia #DataTheft

https://www.smh.com.au/politics/federal/five-russians-went-out-drinking-when-they-got-back-australia-had-struck-20250212-p5lbfn.html

Revealed: gambling firms secretly sharing users’ data with Facebook without permission | Gambling | The Guardian

https://www.theguardian.com/society/2025/feb/08/gambling-firms-secretly-shared-users-data-with-facebook-without-permission

> Betting companies secretly track visitors to their sites before sending data to parent company #Meta

Kadrey v. Meta: Unsealed emails reveal Meta allegedly torrented 81.7TB+ of data from multiple shadow libraries via Anna's Archive for AI training. #Meta #AItraining #DataTheft #AIethics #Privacy #TechNews #LegalBattle #ArtificialIntelligence #AnnaArchive