Npav Lab

Cybercriminals are pretending to be IT support using Microsoft Teams to trick employees. They use spam emails, fake calls, and phishing tactics to gain access to company systems and install ransomware.

A 66-year-old retired serviceman’s wife from Bengaluru was tricked by cybercriminals who posed as police officers. The scammers accused her of money laundering, put her under "digital arrest," and forced her to transfer ₹35 lakh over five days.

Russian hacking group Star Blizzard is targeting high-value diplomats and officials with a phishing campaign that exploits WhatsApp. By deceiving victims into linking their WhatsApp accounts to the hackers' devices, the group gains unauthorized access to private messages.

Wolf Haldenstein Adler Freeman & Herz LLP has confirmed a data breach that affected nearly 3.5 million individuals. The breach occurred on December 13, 2023, but the investigation and notifications have been delayed. Sensitive personal data like Social Security numbers and medical information have been exposed, increasing the risk of scams and fraud.

Hackers are hiding malicious software in images to deliver dangerous malware like VIP Keylogger and 0bj3ctivity Stealer. These tools are used to steal sensitive data, such as passwords, keystrokes, and screenshots, in separate phishing campaigns.

Cybercriminals are using Google Search ads to trick advertisers into entering their credentials on fake Google Ads login pages. These phishing attacks are stealing account details to misuse them, affecting advertisers worldwide.

Fortinet FortiGate firewall devices are under attack due to a zero-day vulnerability. Hackers are exploiting exposed management interfaces on public networks, gaining unauthorized access, and compromising firewall configurations. Organizations must act quickly to secure their systems and prevent further damage.

A dangerous ransomware called Codefinger is attacking Amazon Web Services (AWS) users by encrypting their data in S3 buckets. Victims cannot recover their files without paying for a decryption key, making this attack a significant threat to cloud-based systems.

OneBlood, a major blood-donation organization in the U.S., experienced a ransomware attack in July 2024. The breach exposed sensitive data, including names and Social Security numbers, affecting donors.

BayMark Health Services, a leading provider of addiction treatment in North America, faced a data breach where attackers stole personal and health information of patients. The breach, attributed to the RansomHub ransomware gang, affected systems between September 24 and October 14, 2024.