CloudZ Malware Abuses Phone Link to Steal SMS OTPs
Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. [...]
And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to steal users' credentials, according to Microsoft.…
A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. [...]
Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools, Cisco Talos reports.…
Psst, wanna steal someone's biometrics? black hat Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including fingerprint information, according to Cisco Talos.…
The networking giant said this week that an employee suffered a voice phishing attack that resulted in the compromise of select user data, including email addresses and phone numbers.
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024
Chinese Nation-State Hackers Used a Custom Utility to Capture PacketsChinese hackers who infiltrated U.S. telecoms likely only used one, known Cisco vulnerability, says Cisco's threat analysis unit. Otherwise, the Chinese nation-state cyberespionage operation known as Salt Typhoon used stolen login credentials living-off-the-land techniques, says Cisco Talos.
Chinese Nation-State Hackers Used a Custom Utility to Capture PacketsChinese hackers who infiltrated U.S. telecoms likely only used one, known Cisco vulnerability, says Cisco's cybersecurity unit. Otherwise, the Chinese nation-state cyberespionage operation known as Salt Typhoon used stolen login credentials living-off-the-land techniques, says Cisco Talos.
In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using using stolen login credentials for initial access.
Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked "non-public" data, but it continues to state that there is no evidence that its systems were breached. [...]
IntelBroker claims the breach impacts Microsoft, SAP, AT&T, Verizon, T-Mobile US, and more Cisco has confirmed it is investigating claims of stealing — and now selling — data belonging to the networking giant.…
Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...]
4,387 Online Merchants Compromised, Including Cisco and National Geographic StoresThousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers targeting a vulnerability known as CosmicSting. While patched by Adobe in June, users also need to forcibly invalidate stolen credentials.
The 'security issue' was caused by a 9.8-rated Magento flaw Adobe patched back in June Bad news for anyone who purchased a Cisco hoodie earlier this month: Suspected Russia-based attackers injected data-stealing JavaScript into the networking giant's online store selling Cisco-branded merch.…
Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout. [...]
CISA recommends disabling the legacy Cisco Smart Install feature after seeing it abused by threat actors in recent attacks to steal sensitive data, such as system configuration files. [...]
Also: Hacker Sells Data Obtained Through Snowflake AttackThis week, Microsoft deprecated NTLM authentication, a hacker put apparently stolen Snowflake data up for sale, Ticketmaster confirmed its breach, Cisco patched Webex vulnerabilities, pro-Russian hacktivists claimed a DDoS attack in Spain and Kaspersky launched a free virus removal tool for Linux.