-
6 days ago | 
technadu.com | Lore Apostol
Fraudulent campaigns impersonating payroll, HR, and billing platforms target Deel, Shopify, Marqeta, and OmniFlex. Key elements of the phishing campaigns include fraudulent Google ads leading to fake websites and 2FA exploitation. The FBI issued a public warning against these scammers who look to gain unauthorized access and redirect funds. Cybercriminals are advancing their tactics, deploying sophisticated phishing kits to impersonate payroll, human resources, and benefits platforms.
-
6 days ago | 
technadu.com | Lore Apostol
A new development has surfaced in the ongoing data leak saga involving Indian health insurer Star Health and Allied Insurance Co. The hacker behind the 2024 Star Health reportedly sent death threats and bullets to the company's CEO and CFO. The provided motive was related to alleged grievances of customers who were denied medical claims.
-
6 days ago | 
technadu.com | Lore Apostol
Two Vietnamese individuals indicted for their involvement with FMovies dodged jail time. An anti-piracy operation culminated in the shutdown of Fmovies and its associated sites last year. The admins of the massive piracy network now received suspended prison sentences, promising to avoid illegal activities. The recent sentencing of two key operators of Fmovies, one of the largest and most resilient piracy operations in the world, in Vietnam resulted in suspended prison terms.
-
6 days ago | 
technadu.com | Lore Apostol
A recent analysis shows Chinese generative AI models are only 3 to 6 months behind their U.S. counterparts. The U.S. still leads due to superior private investment and semiconductor supremacy, among others. Yet, the U.S. and China both double down on government funding.
-
1 week ago | 
technadu.com | Lore Apostol
The Qilin Ransomware gang claimed an alleged data breach involving the Japanese company Nagasaki Ship Equipment. The Japanese company said that on April 24, 2025, unauthorized access to its internal servers was detected. Sensitive data related to the company’s business operations was reportedly exfiltrated. A significant cybersecurity breach involving Nagasaki Ship Equipment Co., Ltd.
-
1 week ago | 
technadu.com | Lore Apostol
A global operation took down several platforms offering Distributed Denial of Service attacks to users for a fee. The arrested administrators ran six DDoS-for-hire platforms – Cfxapi, Cfxsecurity, Neostress, Jetstress, Quickdown, and Zapcut. Authorities in the Netherlands set up fake booter sites to warn users seeking out DDoS-for-hire services.
-
1 week ago | 
technadu.com | Lore Apostol
LockBit affiliates’ dark web panels and databases were reportedly defaced and breached, respectively. The message displayed on the infiltrated platforms is similar to one used in a recent Everest ransomware leak site defacement. Leaked data includes Bitcoin addresses, build configurations, negotiation chats, and user database. The LockBit ransomware gang, notorious for its prolific cyberattacks, suffered a breach of its affiliate forums and databases, which exposed critical operational details.
-
1 week ago | 
technadu.com | Lore Apostol
U.S. school districts are being extorted following the December 2024 PowerSchool data breach. Cybercriminals leverage sensitive student information from the breach to request ransoms. PowerSchool admitted to paying a ransom to the hackers responsible for the original breach. Several U.S. school districts recently faced extortion attempts. The attacks leverage stolen data obtained from PowerSchool, a California-based educational software and cloud services provider.
-
1 week ago | 
technadu.com | Lore Apostol
A new malware campaign relies on social engineering via fake CAPTCHA and a ClickFix lure. The multi-stage delivery system of LOSTKEYS marks a continuation of COLDRIVER’s targeted intelligence collection activities. The malware showcases anti-VM measures and downloads a VBS decoder with the payload. A new strain of malware, dubbed LOSTKEYS, is linked to the Russian government-backed hacking group COLDRIVER (also known as UNC4057, Star Blizzard, or Callisto).
-
1 week ago | 
technadu.com | Lore Apostol
A Mirai-based botnet dubbed "LZRD" is leveraging GeoVision vulnerabilities to install malware. The two flaws are being actively exploited for the first time since their disclosure in 2024. The affected GeoVision models are retired and will not be receiving further updates. Attackers actively exploit command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices, escalating concerns about outdated technologies being targeted by botnets.
