InfoSec News 20250310

  • Published: Mon, 10/03/2025 - 14:30

Top News


  • PrintSteal: Unmasking a Large-Scale KYC Document Fraud Operation

"A recent investigation by CloudSEK has exposed PrintSteal, a vast cybercriminal operation engaged in the fraudulent generation and distribution of counterfeit Know Your Customer (KYC) documents in India."

Link

TLP¹: Green

  • FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

"Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil)."

Link

TLP¹: Green

  • Malicious Chrome extensions can spoof password managers in new attack

"A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into other browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • US seizes $23 million in crypto linked to LastPass breaches

"U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack."

Link

TLP¹: Green

  • Qilin Ransomware gang claims the hack of the Ministry of Foreign Affairs of Ukraine

"Qilin Ransomware group claims to have breached the Ministry of Foreign Affairs of Ukraine, marking a significant cybersecurity attack."

Link

TLP¹: Green

  • Russia claims Ukraine hacked state youth organizations to recruit minors

"A Russian security agency has accused Ukraine of hacking two Kremlin-backed youth military-patriotic organizations to gather student data for potential recruitment in espionage or terrorist activities."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Data breach at Japanese telecom giant NTT hits 18,000 companies

"Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors

"Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025."

Link

TLP¹: Green

  • Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

"Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Study for your CISSP certifications in this $30 course bundle deal

"Risk management is an important part of many cybersecurity jobs. Becoming a Certified Information Systems Security Professional goes a long way toward showing your expertise in risk management, but the exams are difficult. If you want help preparing, study the CISSP Security and Risk Management Training Bundle while it's on sale for $29.97 (reg. $424)."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Multiple Vulnerabilities Discovered in a SCADA System

"In early 2024 we conducted a security assessment of a Supervisory Control and Data Acquisition (SCADA) system named ICONICS Suite and identified five vulnerabilities in versions 10.97.2 and earlier for Microsoft Windows. We coordinated with the ICONICS security team, which released multiple security patches in 2024 to resolve some of these issues and published timely security advisories with workarounds for the rest."

Link

TLP¹: Green

 

 

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp