APRIL 27, 2023
We’ve gathered dark web insights, cyber security news, vulnerabilities and CVEs, and ransomware news for you. Enjoy!
What happened in cyberspace in the last two weeks? Here is a quick roundup of security news from around the world.
A new banking trojan called Chameleon has been discovered by cybersecurity researchers. It specifically targets Android users in Poland and Australia. Active since January, the trojan mimics the CoinSpot app as well as other popular apps, including those of an Australian government agency and the Polish IKO Bank.
The trojan is spread via compromised websites, Bitbucket hosting services, and Discord attachments. Threat actors have been observed imitating the icons of ChatGPT, Chrome, and Bitcoin for the application icon when distributing the malware, so that it does not arouse users' suspicion.
One of the notable features of Chameleon is its unique set of commands, which do not appear to be associated with any known trojan families. This suggests that the malware may be a new strain, and researchers believe it is still in its early stages of development and comes with limited capabilities.
Chameleon poses a significant threat to Android users with the usual banking trojan capabilities, such as keylogging, SMS collection, launching overlay attacks, and stealing cookies. In addition, the malware includes a lock catcher module that can detect whether an Android device user is using a PIN, password, or swipe. Chameleon can also disable Google Play Protect, making it harder for users to see and remove malware.
Although the current variant of Chameleon is not highly sophisticated, cybersecurity experts warn that it still abuses Accessibility Services.
This allows attackers to upgrade the malware further and cause more damage.
As a result, users are advised to be cautious when;
Western Digital, a famous Silicon Valley-based American computer drive manufacturer and data storage company, has been hit by a recent data breach, according to a report by TechCrunch.
The hackers claim to have stolen more than 10TB of sensitive data from the storage company and are demanding more than $10 million in ransom. Western Digital, however, is refusing to cooperate with the hackers. The cybercriminals also shared a sample of the stolen information with tech bloggers, who confirmed its authenticity.
Earlier this month, the company disclosed that an unauthorized third party had access to multiple systems used within the organization. The storage company did not provide further details about the attack’s size but continued coordinating with law enforcement and forensic cybersecurity experts.
The attack forced Western Digital’s cloud network out of action for nearly two weeks, and the company has only recently managed to get the consumer service My Cloud back online. The hackers claim to have customer information and sensitive company data, such as the cellphone numbers of the company’s top executives.
It remains unclear who is behind the attack. The hackers have not identified themselves, but they have warned that they will release the stolen data onto the hacking website Alphv if they do not receive the ransom from Western Digital.
The storage company has not confirmed whether the leaked information includes customers’ sensitive information, such as SSNs, DOBs, and banking information. Western Digital has also yet to confirm whether customer files were lost because of the security breach.
If the stolen data is released, it could harm the reputation of the publicly traded computer storage manufacturer. In this context, to avoid being the target of similar security breaches, it is recommended to consider some of the security measures given below.
Here are the insights and security news from the dark web. Learn and protect yourself before threats reach you. If you want to get more insight, follow us on Twitter and subscribe to our Ransomware Newsletter!
URGENT: IRDA hit by Lockbit ransomware! Sensitive data leaked & ransom deadline: April 18. Don’t become the next victim! Stay informed & protect yourself with our in-depth analysis of Lockbit’s: https://t.co/TQrq3B5dly #CyberSecurity #IRDA
- BRANDEFENSE | Digital Risk Protection Service (@Brandefense) April 13, 2023
Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning
Tangled Up: ‘Tomiris’ APT Uses Turla Malware, Confusing Researchers
Critical Infrastructure Organizations Further Affected in 3CX Breach
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web