Infostealers Harvest Over 30,000 Australian Banking Credentials
Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses
Hackers Use Credential Stuffing to Steal AU$500,000, Breach 20,000 Member AccountsAustralia's largest pension funds faced coordinated credential attacks last week that compromised thousands of user accounts and led to the theft of at least AU$500,000 from four superannuation accounts. The affected funds included AustralianSuper, Rest and Australian Retirement Trust.
Cyber-attacks on Australian superannuation funds leave some savers out of pocket
Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members' accounts. [...]
'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from "a limited number of organizations," according to Microsoft.…
An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data
An Australian man was charged by Australia's Federal Police (AFP) for allegedly conducting an 'evil twin' WiFi attack on various domestic flights and airports in Perth, Melbourne, and Adelaide to steal other people's email or social media credentials. [...]
Court Filing: Threat Actor Stole Admin Credentials From IT Service Desk ContractorMedibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird)
Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed DataAustralian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.
Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that provides remote attackers with hardcoded credentials to log into unpatched Confluence Server and Data Center servers. [...]
Brute force attack leaves the license wide open for undetectable alteration, but back end data remains unchanged An Australian digital driver's license (DDL) implementation that officials claimed is more secure than a physical license has been shown to easily defaced, but authorities insist the credential remains secure.…