Category: Kamban

A large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they’re about to receive a baby grand piano for free. The campaign, discovered by email security firm Proofpoint, was launched in January 2024 and has distributed over 125,000 emails, mainly targeting North American university students and faculty.…

The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. As early as 2011, Wang and his conspirators pushed malware onto victims’ devices using multiple malicious VPN applications bundling proxy backdoors. The VPN apps that added compromised devices to the 911 S5 residential…

Okta warns that a Customer Identity Cloud (CIC) feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based solutions for secure access to apps, websites, and devices. It offers single sign-on (SSO), multi-factor authentication (MFA), universal directory, API…

Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. On Monday, the company first warned about a spike in attacks targeting VPN devices, sharing recommendations on how admins can protect their devices. Later, it discovered the source of the…

​First American Financial Corporation, the second-largest title insurance company in the United States, revealed Tuesday that a December cyberattack led to a breach impacting 44,000 individuals. Founded in 1889, it provides financial and settlement services to real estate professionals, home buyers, and sellers involved in residential and commercial property transactions. The California-based company has over…

Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. Anatsa (aka “Teabot”) is a banking trojan that targets over 650 applications of financial institutions in Europe, the US, the UK, and Asia. It attempts to…

The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as “911 S5.” Researchers at the Canadian University of Sherbrooke revealed almost two years ago, in June 2022, that this illegitimate residential proxy service lured potential victims by…

The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as “911 S5.” Researchers at the Canadian University of Sherbrooke found almost two years ago that this illegitimate residential proxy service lured potential victims by offering free…

A 31-year-old Russian national named Evgeniy Doroshenko has been indicted for wire and computer fraud in the United States for allegedly acting as an “initial access broker” from February 2019 to May 2024. An initial access broker (IAB) is a threat actor who breaches corporate networks and then sells that access to other threat actors,…