[Weekly Security News] LabHost cybercrime service lets anyone phish Canadian bank users

[March 06 2024]

1. LabHost cybercrime service lets anyone phish Canadian bank users

The Phishing as a Service (PhaaS) platform ‘LabHost’ has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity. Fortra, following the cybercriminal’s activity, reports that LabHost has overtaken cybercriminals’ previous favorite PhaaS platform, Frappo, and is now the primary driving force behind most phishing attacks targeting Canadian bank customers.

Source : Bleeping Computer

2. LoanDepot confirms SSNs leaked in breach claimed by ALPHV/BlackCat

Major U.S. mortgage lender loanDepot notified nearly 17 million customers that their data, including Social Security numbers, may have been stolen in a cyberattack in January. The compromised data included names, addresses, email addresses, financial account numbers, Social Security numbers, phone numbers and dates of birth, according to a sample notification letter provided by loanDepot to the Maine attorney general.

Source : SC Media

3. Penta Security’s Cloudbric Rule Set validated by Tolly Group to have a superior performance over competitors

Penta Security stated that Penta Security’s Cloudbric Rule Set exhibited superior performance compared to Rule Sets provided by other vendors, as indicated in the recently published report by the Tolly Group. Cloudbric Rule Set and competing Rule Sets were tested against 413 types of attack traffic targeting OWASP Top 10 Web Vulnerabilities such as SQL Injection, Cross-Site Scripting, Command Injection, SSI Injection, File Upload, Directory Traversal, and Local File Inclusion (LFI), under the supervision of Kevin Tolly, the founder and CEO of the Tolly Group. Cloudbric Rule Set demonstrated outstanding performance compared to its competitors, achieving a true-positive rate of 91.53%.

Source : Ein Presswire

4. AUTOCRYPT Launches Cybersecurity Testing Platform for UN R155/156 and GB Compliance

New platform enables automotive OEMs to conduct regulatory compliant security testing and share integrated results for vehicle type approval. With customizable hardware adaptable to PC and test bench environments, AutoCrypt CSTP offers test case licenses for three types of tests:Penetration testing, Engineering Specification Testing, Fuzz Testing. From test case selection and configuration to real-time logging and report generation, the entire testing process can be managed on an intuitive GUI, which can be securely linked to all inspection centers and authorities in different countries, consequently empowering faster and more precise decision-making.

Source : PR Newswire

Check out Penta Security’s Cloudbric product lines:

Cloud-based Fully Managed WAAP: Cloudbric WAF+

Agent based Zero Trust Network Access Solution: Cloudbric PAS

Agentless Zero Trust Network Access Solution: Cloudbric RAS

Blockchain: Blockchain Security Solution

Click here for inquiries regarding the partner system of Cloudbric
Make sure to follow us on our social media platforms (LinkedIn, Twitter, and Facebook)

Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: iSIGN+ 

Car, Energy, Factory, City Solutions: Penta IoT Security

Click here for inquiries regarding the partner system of Penta Security
Make sure to follow us on our social media platforms (LinkedIn)