Npav Lab
- The 'Bitter' cyberespionage group has launched attacks on Turkish defense organizations, deploying a new malware family, MiyaRAT. This sophisticated malware, alongside WmRAT, leverages alternate data streams and advanced techniques to exfiltrate sensitive data and control compromised systems.
- A Pune police constable lost Rs 2.3 lakh after unknowingly scanning a malicious QR code at a bakery. Fraudsters exploited his device through a malicious APK file, leading to unauthorized access to multiple accounts. This incident highlights the rising risks of cyber scams in digital transactions.
- Fraudsters are targeting unsuspecting individuals with fake parcel notifications. These calls, often from numbers starting with +96 or +18, claim there’s an issue with your delivery and urge you to "Press 9" for more details. Don’t fall for it; this is a scam!
- Artivion, a global leader in heart surgery medical devices, faced a disruptive ransomware attack on November 21. The attack encrypted systems, stole data, and impacted corporate operations, order processing, and shipping. This incident highlights the rising threat of ransomware in the healthcare sector.
- A ransomware attack on Comtel Data Centre has severely impacted around 16 stockbrokers, including prominent names like IIFL Securities, 5Paisa, and Axis Securities. The breach has led to blocked exchange access and raised concerns over client data and order flow security. Exchanges have mandated strict security certifications before resuming operations.
- Two women in Mumbai, including a 61-year-old homemaker, lost a combined Rs 4.7 lakh to cyber fraudsters. These cases underline the growing sophistication of online scams, including KYC updates and fraudulent advertisements.
- A four-month-long cyberattack targeted a major U.S. organization, compromising its network and extracting sensitive data. The breach is attributed to a Chinese state-sponsored group that used advanced techniques such as DLL side-loading and living-off-the-land tools, and targeted Exchange servers.
- Chinese state-backed hacking group Salt Typhoon has breached telecommunications companies in dozens of countries, including eight firms in the U.S., exploiting vulnerabilities in private communication networks. This long-running campaign raises alarms about critical infrastructure security and highlights the urgent need for encrypted communications and robust system defenses.
- The Horns and Hooves campaign, active since March 2023, has targeted over 1,000 victims with phishing emails containing JavaScript payloads that deploy sophisticated RAT malware like NetSupport RAT and BurnsRAT. This attack primarily targets private users, retailers, and service businesses in Russia, leveraging remote access tools for data theft, ransomware, and malware deployment.
- Over 8 million Android users across nine countries have been impacted by SpyLoan malware embedded in loan apps downloaded from the Google Play Store. These apps exploit user trust, financial desperation, and intrusive permissions to harvest sensitive data, leading to extortion, harassment, and financial loss.