Online shopping is now an established part of daily life: we get food, clothes and other goods delivered to our door in a couple of clicks. Online shopaholics, of which there are many, are may sometimes forget about a parcel or miss a call from the courier. Unsurprisingly, this is exploited by attackers who use fake delivery notifications as bait. One example of this is … [Read more...] about Criminals steal payment details of DHL customers
Steal
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal … [Read more...] about New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
Scammers steal seed phrases to hack cryptowallets
Scammers will stop at nothing when it comes to stealing cryptocurrency. Some try to sell scarce mining equipment, others lure victims with gifts from cryptoexchanges or Elon Musk himself, or even post screenshots on public platforms with passwords for cryptowallets and collect “fees” from cryptoinvestors enticed by the prospect of a free lunch. Today we tell you about a new … [Read more...] about Scammers steal seed phrases to hack cryptowallets
Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines
A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. Threat intelligence and incident response firm Mandiant is tracking the cluster … [Read more...] about Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines
New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The flaw, tagged as CVE-2022-24348 (CVSS score: 7.7), affects all versions and has been addressed in versions 2.3.0, 2.2.4, and 2.1.9. Cloud … [Read more...] about New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets
A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the … [Read more...] about Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets
Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems
A newly discovered data exfiltration mechanism employs Ethernet cables as a "transmitting antenna" to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. "It's interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack," Dr. Mordechai Guri, the head of R&D in the Cyber … [Read more...] about Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems
Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network
Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what's believed to be one of the largest heists targeting the digital asset industry, putting it ahead of breaches targeting exchanges Coincheck and Mt. Gox in recent years. Poly Network, a China-based cross-chain decentralized finance (DeFi) platform for swapping tokens … [Read more...] about Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network
Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site
Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.4), the weakness stems from a universal cross-site scripting (UXSS) issue that's triggered when … [Read more...] about Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site
Scammers use WeakAuras to steal gold in World of Warcraft
When scammers target gamers, they are typically pursuing gaming accounts. Today, we’re discussing a different target: players’ gold. As games go, the massively popular World of Warcraft sees scammers target players on a regular basis, one day threatening them with a ban for alleged cheating, the next seeming to offer virtual pets (but not really; it’s a scam, after all). A user … [Read more...] about Scammers use WeakAuras to steal gold in World of Warcraft