Updated on 2022-11-22 Yoroi founder and CEO Marco Ramilli published a report on recent developments in the operations of Hagga, a threat actor known for distributing infostealer trojans. Recent changes include the adoption of Fsociety Tools, an open-source penetration testing framework. Read more: Is Hagga Threat Actor (ab)using FSociety framework ? An Analysis of Infrastructure …
Updated on 2022-11-23 VenomSoftX, a malicious Google Chrome extension, was found being deployed via cracked software. It can conduct man-in-the-browser attacks, steal cryptocurrencies, and perform other nefarious activities. Read more: ViperSoftX: Hiding in System Logs and Spreading VenomSoftX Overview Avast has analyzed recent changes in the operations of ViperSoftX, an infostealer that has been seen …
Updated on 2022-11-22 Antivirus maker Bitdefender said it identified four Android apps on the official Play Store acting as downloaders for the SharkBot banking trojan. The apps were file managers but also contained malicious code to help deploy malware on a user’s device after their Play Store installation. Read more: Android SharkBot Droppers on Google …
Updated on 2022-11-22: DraftKings account hacks Sports betting service DraftKings confirmed that hackers stole $300,000 from customer accounts. The company blamed the incident on users who reused (compromised) passwords for their accounts. However, online, several users said they used unique passwords, which might suggest that some users might have had their computers infected with malware …
According to an October 2022 report from the US Government Accountability Office, (GAO), the country’s “offshore oil and gas infrastructure faces significant and increasing cybersecurity risks in the form of threat actors, vulnerabilities, and potential impacts.” The infrastructure is regulated by the Department of the Interior’s Bureau of Safety and Environmental Enforcement (BSEE). GAO recommends …
Updated on 2022-11-22: Ten BEC scammers charged The US DOJ has charged ten suspects across the US for stealing more than $11.1 million from state Medicaid programs and private health insurers. Officials said the group used BEC schemes where they posed as business partners to divert money from their victims’ bank accounts into accounts operated …
Updated on 2022-11-21: Quantum encryption deadline The Office of Management and Budget has ordered federal agencies to scan their systems and provide an inventory of assets containing cryptographic systems that could be cracked by quantum computers in the coming years. Agencies have a deadline until May 4, 2023, according to an OMB memo [PDF]. The …
Two individuals have been arrested and charged with for their roles as operators of Z-Library. The Russian citizens face charges of copyright infringement, wire fraud, and money laundering. US authorities have also taken down Z-Library’s domains and seized its assets. z-library was one of the few services (along with sci-hub) allowing students, scientists, and other …
In testimony before the US Senate Homeland Security Committee, FBI Director Christopher Wray said that his agency conducts offensive cyber operations against both state and non-state threat actors. Wray did not offer specifics about the offensive operations. “However, he warned that deterring nation-state threat actors from continuing to engage in illegal cyber activity is much …
Meta’s security team has formally confirmed the involvement of the US military in a pro-Western influence operation the social network took down this summer. The company said it removed 39 Facebook accounts, 16 Facebook pages, and 26 Instagram accounts that tried to pose as locals in various countries. The accounts posted content in different languages …
Updated on 2022-11-21: Infosys leaked AWS keys for a year until researcher steps in Infosys, one of the biggest IT and consulting giants on the planet, exposed its own IAM keys for Amazon’s AWS on GitHub for more than a year. Forbes said the keys, which had “full admin access,” allowed access to an S3 …
Updated on 2022-11-20: Vanuatu ransomware attack The government of the small island nation of Vanuatu was hit by a ransomware attack that crippled most of the government’s IT networks and forced staff back to pen and paper. According to a report from the Sydney Morning Herald, a team from the Australian Cyber Security Centre is …
Updated on 2022-11-20: Wickr nukes free version Wickr Me, the consumer end-to-end encrypted messaging service, will cease operating as of the end of 2022. Amazon, which bought Wickr in 2021, will keep its AWS enterprise version running. Wickr had a major problem with child abuse materials but did little to stop it. Read more: AWS …
Updated on 2022-11-21: Indian privacy regulation The Indian government has published the long-awaited first public draft of its upcoming data privacy law—known as the Digital Personal Data Protection Bill. According to the law’s text, companies that operate in India and handle the personal data of Indian citizens must use clear and plain language to describe …
Overview: New threat actor A threat actor going by the name of IntelBroker is claiming to have breached several US government agencies and is now running ads on underground hacking forums claiming to sell more than 2 GB of files stolen from the agencies’ networks. While the group has made bold claims, several security researchers …
