Tech News

A Federal Advisory Warns: Remote Management Tools Used in Callback Phishing Campaign

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have released a joint cybersecurity advisory regarding suspicious activity on Federal Civilian Executive Branch (FCEB) networks. The activity was related to phishing attacks that used remote management and monitoring software. The remote access tools deployed by the attackers were AnyDesk and ScreenConnect, and the scam involved product refunds.

Hive Ransomware Servers and Website Seized in an International Campaign

A coordinated law enforcement effort, consisting of agencies from 13 countries, has seized the infrastructure and website the notorious Hive ransomware group uses to conduct its operations. Key agencies and departments involved include Europol, the FBI, the DOJ, the Secret Service, the Federal Criminal Police Office (Germany), and the National High Tech Crime Unit (Netherlands), among others.

LastPass Owner GoTo Announces Encryption Keys, Backups Stolen

GoTo, the owner of the LastPass credentials management company, has notified users that encrypted keys and backups were stolen in the Nov. 30 attack, and a portion of customer data was also affected. The affected GoTo products include Central, Pro, join.me, Hamachi, and RemotelyAnywhere. The update comes two months after GoTo launched an investigation into the incident.

Researchers Take Down VASTFLUX—A Massive Ad Fraud; 11 Million Devices And 1,700 Apps Affected

Security researchers at HUMAN have taken down a gigantic ad fraud operation, dubbed VASTFLUX, that affected 11 million devices, 1,700 applications, and 120 publishers. “VASTFLUX” is a derivation of “fast flux” (a cybercrime evasion technique) and “VAST” (a digital ad template abused in the operation). HUMAN is a private organization that aims to prevent cybercrime, focusing on bot detection.

35,000 PayPal Accounts Hit With Credential Stuffing Attack

PayPal is sending security incident notifications about a credential stuffing attack that affected nearly 35,000 users. The attack occurred between Dec. 6 and Dec. 8, 2022. During the two-day window, the attackers gained access to highly sensitive information, including account holders’ full names, dates of birth, postal addresses, Social Security numbers, and tax identification numbers.

Trend Micro’s Investigation Into GitHub Codespaces Reveals Malware Vulnerability

Trend Micro researchers have revealed how the port-forwarding feature within GitHub Codespaces is a vulnerability that cybercriminals could abuse to deliver and host malware. The researchers found that threat actors could abuse the public sharing of forwarded ports to create a malware server. All cybercriminals need to do to avoid detection and suspicion is use a legitimate GitHub account. As of yet, the security vulnerability hasn’t been exploited in the wild.

Meta Sues Surveillance Software Firm For Scraping 600,000 Profiles

Meta is suing the London-based surveillance firm Voyager Labs for using surveillance software that illegally scraped data from 600,000 user profiles on its subsidiary platforms. Scraped information, including likes, comments, friends, and photos, was sold to law enforcement agencies. Discover how you can protect yourself against data scraping incidents.

US Department Of Interior Passwords Cracked Within 90 Minutes, Report Reveals

User passwords for the US Department of the Interior (DOI) were cracked within 90 minutes using a USD 15,000 password-cracking rig. A revised final inspection report issued by the Office of Inspector General (OIG) highlighted the many flaws in the DOI’s authentication protocols, including a lack of two-factor authentication (2FA) and extremely weak password management.

Lloyd’s Insurer Beazley Issues World’s First Cyber Catastrophe Bond

Beazley, a UK insurance company contracted with Lloyd’s of London, has launched the market’s first cybersecurity catastrophe bond for a total payout of USD 45 million (GBP 37 million), should claims exceed USD 300 million. The catastrophe bond is intended to protect insurers like Beazley from massive cyber payouts, which have increased exponentially in recent years due to the rise in cybercrime.

Zoom Phishing Site Delivers IcedID Malware, Poses Threat to User Banking Credentials

The Zoom video conferencing application has been modified to deliver the IcedID malware to victims, according to a report issued by Cyble Research and Intelligence Labs (CRIL). IcedID, or “BokBot,” is designed to steal user banking credentials, primarily targeting businesses. Though IcedID serves mainly as a loader for other malware strains, it’s lethal malware capable of avoiding detection by scanners.
