Lifeboat Foundation

It also follows the discovery of a stealthy threat actor that presents itself as a legitimate enterprise and has been advertising automated CAPTCHA-solving services at scale to other cybercriminals and helping them infiltrate IT networks.

Dubbed Greasy Opal by Arkose Labs, the Czech Republic-based “cyber attack enablement business” is believed to have been operational since 2009, offering to customers a toolkit of sorts for credential stuffing, mass fake account creation, browser automation, and social media spam at a price point of $190 and an additional $10 for a monthly subscription.

The product portfolio runs the cybercrime gamut, allowing them to develop a sophisticated business model by packaging several services together. The entity’s revenues for 2023 alone are said to be no less than $1.7 million.

Discover how Beyond Identity’s deterministic security approach eliminates phishing, credential theft, and other cyber threats with passwordless, phish.

New Linux malware ‘Hadooken’ targets Oracle Weblogic, deploys crypto miners and DDoS botnet. Exploits vulnerabilities for lateral movement.

New Android malware ‘Ajina. Banker’ targets bank customers in Central Asia, stealing financial data and intercepting 2FA messages via Telegram channels.

Vo1d malware infects 1.3M Android TV boxes in 197 countries. Learn about this new backdoor threat and how it compromises device security.

A novel acoustic attack named ‘PIXHELL’ can leak secrets from air-gapped and audio-gapped systems, and without requiring speakers, through the LCD monitors they connect to.

In a PIXHELL attack, malware modulates the pixel patterns on LCD screens to induce noise in the frequency range of 0–22 kHz, carrying encoded signals within those acoustic waves that can be captured by nearby devices such as smartphones.

The researchers’ tests showed that data exfiltration is possible at a maximum distance of 2 meters (6.5 ft), achieving a data rate of 20 bits per second (bps).

We need to do more than deflect cyberattacks. We must build the capacity to sustain operations during and after a cyberattack. We need to bounce back stronger than ever.

Young Consulting has confirmed it lost sensitive data on almost a million people in a ransomware attack that happened earlier in 2024.

The company confirmed the news by sending out data breach notification letters to exactly 954,177 customers, which said it became aware of “technical difficulties” in its computer environment in mid-April 2024.

Cyberattackers leverage Google Sheets for command control in a global espionage campaign targeting 70+ organizations.