Category: Kamban

Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. The plaintiffs claim that the massive IT outage that occurred on July 19, 2024, proves CrowdStrike’s claims that their…

Read More

The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million. According to the U.S. Department of Justice, the fraudulent operation targeted elderly victims in the United States and Canada. Fake malware infections Between March 2015 and July 2018, Vinoth Ponmaran (36) ran…

Read More

Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application. In January, Twilio announced that the Authy desktop apps for Windows, macOS, and Linux would reach the end of life on March 19, 2024, and will ultimately be discontinued in August 2024. While the desktop apps continued to work…

Read More

Threat actors uploaded malicious Python packages to the PyPI repository and promoted them through the StackExchange online question and answer platform. The packages are named ‘spl-types,’ ‘raydium,’ ‘sol-structs,’ ‘sol-instruct,’ and ‘raydium-sdk’ and download scripts that steal sensitive data from the browser, messaging apps (Telegram, Signal, Session), and cryptocurrency wallet details (Exodus, Electrum, Monero). The info-stealing malware can also exfiltrate files…

Read More

Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). This cybercriminal activity was frst detected in February and it is leveraging the TryCloudflare free service to distribute multiple RATs, including AsyncRAT, GuLoader, VenomRAT, Remcos RAT, and Xworm. Campaigns attributed to the same activity…

Read More

The United Kingdom’s National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. Their targets included people from over 107 countries, including the United Kingdom, the United States, New Zealand, Norway, and France. Russian Coms was established in…

Read More

Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner’s account at the DNS provider or registrar. In a Sitting Ducks attack, cybercriminals exploit configuration shortcomings at the registrar level and insufficient ownership verification at DNS providers. Researchers at DNS-focused security vendor Infoblox…

Read More

Pharmaceutical giant Cencora has confirmed that patients’ protected health information and personally identifiable information (PII) was exposed in a February cyberattack. Cencora, previously known as AmerisourceBergen, specializes in pharmaceutical services, providing drug distribution and technology solutions for doctor’s offices, pharmacies, and animal healthcare.  The company is ranked #10 on the Fortune 500 and #24 on the Global Fortune…

Read More

‘We’re building towards curating and collecting a bunch of information to be able to provide back intelligence and insights on the industry,’ says Colin Knox, CEO of Gradient MSP. ‘Benchmarking was just the number one thing that kept coming back to us from everybody saying, ‘Can we get pricing and cost benchmarking so that we…

Read More

Image: MidjourneyThe Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. While the FBI didn’t share what prompted today’s public service announcement, it was likely motivated by a surge of reports of fraudsters using this tactic to access victims’ accounts and siphon off their…

Read More