Aurora Info Stealer MaaS
Aurora Stealer is an info-stealing malware offered as Malware-as-a-Service by a threat actor known as Cheshire. It had many functionality not limited to data stealing and remote access capabilities. The…
AirAsia Breached by Daixin Group PII stolen
AirAsia Group recently fell victim to a ransomware attack by Daixin Team. The threat actors, informed that they obtained the personal data of 5 million unique passengers and all employees.…
DraftKings! Latest Victim of Credential Stuffing Attack
Sports betting site DraftKings has been hit by a credential-stuffing attack, leading to a loss of $300,000. The company assured its customers of a payback. A statement from DraftKings noted…
API Keys and User data leaked by faulty Apps
Security researchers have uncovered more than 1,500 apps leaking the Algolia API key and application ID, potentially exposing user data. 32 applications were found to have critical administrative secrets hardcoded,…
Microsoft Patches Kerberos Issues in Windows Server
Microsoft fixes the issues surrounding the Kerberos network authentication protocol on Windows Server after it was broken by November Patch Tuesday updates. Updates that are installed on the domain controller…
Google seeks to dumify Cobalt Strike
Cobalt Strike is one of the major penetration testing product used that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine. The Beacon has functionality for…
Luna Moth Ransomware Employs Callback Phishing
Palo Alto Network’s Unit 42 details the disturbing rise of a ransomware group Luna Moth, (aka) the Silent Ransom Group that has invested in call centers and infrastructure to target…
AxLocker Ransomware – New one stealing Discord Tokens
Researchers discovered a new ransomware variant that not only encrypts the victim’s files but also attempts to steal data by enabling a Discord account takeover. The “AXLocker” ransomware functions in…