Russian Man Arrested in Connection with Scheme to Infect Tesla Factory Network with Malware. US law enforcement authorities have arrested and charged a Russian man for allegedly offering $1 million to an employee at Tesla’s Sparks, Nevada factory in return for infecting the company’s network with malware. The employee contacted the FBI. Egor Igorevich Kriuchkov was arrested earlier this week and charged with one count of conspiring to intentionally cause harm to a protected computer.
Read more in:
- Elon Musk confirms Russian hacking plot targeted Tesla factory
- Russian hacker tried to bribe a Tesla factory worker to install malware
- Feds avert Russian man’s $1 million plot to infect Nevada company’s network
- Russian arrested for trying to recruit an insider and hack a Nevada company
- Elon Musk confirmed Russian’s plans to extort Tesla
- FBI stopped a ransomware scheme by tricking a suspect to meet in Los Angeles
New Zealand Stock Exchange Struck by DDoS Attack. The New Zealand stock exchange (NZX) has temporarily halted trading as it deals with the effects of a distributed denial-of-service (DDoS) attack that hit its network on Tuesday, August 25. The attack is likely the work of a group that has been launching DDoS attacks against other high-profile financial service organizations, including MoneyGram, Worldpay, Venmo, and PayPal. The group demands a ransom to be paid in bitcoin to stop the attacks.
Read more in:
- New Zealand Stock Exchange suffers day four disruption following DDoS attacks
- DDoS extortionists target NZX, Moneygram, Braintree, and other financial services
- New Zealand stock exchange halted trading after DDoS attacks
- DDoS downs New Zealand stock exchange for third consecutive day
- New Zealand’s stock exchange not to reopen on Thursday after cyber attacks
Autodesk Vulnerability Exploited in Cyberespionage Campaign. Hackers launched a cyberespionage campaign against an international architecture and video production firm through a vulnerability in Autodesk 3D computer graphics software. The hackers managed to get someone at the company to download a malicious Autodesk plugin.
Read more in:
- More Evidence of APT Hackers-for-Hire Used for Industrial Espionage (PDF)
- Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
- Malicious Autodesk plugin at the root of the cyber-espionage campaign
Fix Available for Pulse Secure VPN Vulnerability. A code execution vulnerability in Pulse Secure VPN could be exploited to take control of networks. While the exploit requires that the attacker have admin privileges, this can be accomplished by tricking a user with those privileges into clicking on a malicious link. Users are urged to update to version 9.1R8 of Pulse Connect Secure and Pulse Policy Secure.
Read more in:
- Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere
- Nasty code execution vulnerability discovered in Pulse Secure VPN
- SA44516 – 2020-07: Security Bulletin: Multiple Vulnerabilities Resolved in Pulse Connect Secure / Pulse Policy Secure 9.1R8
Medical Data Leaked on GitHub. Medical data belonging to as many as 200,000 people were exposed on GitHub. The information from clinics, hospitals, billing services, and other healthcare-related organizations was not leaked by hackers but was insufficiently protected due to faulty access control configuration and hardcoded credentials.
Read more in:
- Medical Data Leaks Linked to Hardcoded Credentials in Code
- Medical Data Leaked on GitHub Due to Developer Errors
- No need to hack when it’s leaking | GITHUB HEALTHCARE LEAKS (PDF)
Qbot Trojan Now Hijacking eMail Threads. A new variant of the Qbot Trojan is hijacking email threads, according to a report from Check Point. Qbot, which is also called Qakbot and Pinkslipbot, has been in use since at least 2008. It is also capable of stealing information, installing additional malware, and conducting fraudulent bank transactions.
Read more in:
- An Old Bot’s Nasty New Tricks: Exploring Qbot’s Latest Attack Methods
- Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
- Your email threads are now being hijacked by the QBot Trojan
Microsoft Azure Sphere Bugs Patched. Researchers at Cisco Talos found four vulnerabilities in Microsoft’s Azure Sphere: two of the flaws could lead to unsigned code execution, and two could be exploited to gain elevated privileges. Microsoft has released Azure Sphere 20.08, which addresses these vulnerabilities.
Read more in:
- Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform
- Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere
- Azure Sphere 20.08 Security Updates
Google Patches Flaw in Chrome Browser. Google has fixed a high-severity use-after-free vulnerability in its Chrome browser. The flaw exists because Chrome’s Web Graphics Library (WebGL) component does not properly handle objects in memory. The vulnerability could be exploited to execute arbitrary code. The issue is fixed in Chrome 85, which has been released to the stable channel for Windows, Mac, and Linux.
Read more in:
- Google Fixes High-Severity Chrome Browser Code Execution Bug
- Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome WebGL could lead to code execution
- Stable Channel Update for Desktop
US Government Agencies Warn of North Korean Hackers Targeting ATMs. The US Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the FBI, and US Cyber Command have issued a joint technical alert regarding an automated teller machine (ATM) cash-out scheme that is being conducted by actors working on behalf of the North Korean government. According to the alert, the group has been stealing large sums of money through the cash-out schemes and fraudulent international funds transfers.
Read more in:
- CISA, Treasury, FBI, and USCYBERCOM Release Cyber Alert on Latest North Korea Bank Robbing Scheme
- FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
- Analysis Reports
- US govt warns of North Korean hackers targeting banks worldwide
- US government exposes North Korean government ATM cashout hacking campaign
- US publicly blames North Korean cyber scheme in an attempt to protect the private sector
DARPA’s Hardened Hardware Standing Up to Bug Bounty Program. The US Defense Advanced Research Projects Agency’s (DARPA) bug bounty program, Find Exploits to Thwart Tampering (FETT), began in July and runs through September. The program is designed to find bugs in DARPA’s System Security Integrated Through Hardware and Firmware (SSITH) program. To date, no bugs have been found.
Read more in: