- U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer
A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.
- Researchers Quietly Cracked Zeppelin Ransomware Keys
Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things,… Read More »
- Disneyland Malware Team: It’s a Puny World After All
A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.
- Top Zeus Botnet Suspect “Tank” Arrested in Geneva
Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.
- Lawsuit Seeks Food Benefits Stolen By Skimmers
A nonprofit organization is suing the state of Massachusetts on behalf of thousands of low-income families who were collectively robbed of more than a $1 million in food assistance benefits by card skimming devices secretly installed at cash machines and grocery store checkout lanes across the state. Federal law bars states from replacing these benefits using federal funds, and a recent rash of skimming incidents nationwide has disproportionately affected those receiving food assistance via state-issued prepaid debit cards.
- Patch Tuesday, November 2022 Election Edition
Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we've patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November's patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.
- LinkedIn Adds Verified Emails, Profile Creation Dates
For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author have involved young women with profile photos that appear to be generated by artificial intelligence (AI) tools. We’re seeing rapid advances in AI-based synthetic image generation technology and we’ve created a deep learning model to better catch profiles made with this technology. AI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people. Fake accounts sometimes use these convincing, AI-generated profile photos to make their fake LinkedIn profile appear more authentic.
- How to build a public profile as a cybersecurity pro
Cybersecurity professionals interested in raising their profiles as subject matter experts can count on social media to become more visible. With everyone being online this may not be enough though. CSO spoke to Forrester analyst Jinan Budge and cybersecurity professionals Katie Moussouris, Troy Hunt, Rachel Tobac, and Christina Morillo about their journeys and their tips for those who want to build their public profile.Some of these professionals have been known for their work for more than two decades while others may have become more prominent in the last decade. But they have all seen and experienced the good and the bad.Step 1: Define your cybersecurity area of expertise and what success mean to you Professionals can use many channels to share their knowledge: blogs, video content, tweets, etc. How a professional decides to share knowledge will vary and it may not work in the first attempt, but one thing is key: Be yourself and discuss a topic you are comfortable with and understand.To read this article in full, please click here
- Financial services increasingly targeted for API-based cyberattacks
A report published Monday by cloud services and CDN (content delivery network) platform Akamai said that the financial services industry is an increasingly popular target for a wide range of cyberattacks, with application and API attacks against the vertical more than tripling in the past year.APIs are a core part of how financial services firms are changing their operations in the modern era, Akamai said, given the growing desire for more and more app-based services among the consumer base. The pandemic merely accelerated a growing trend toward remote banking services, which led to a corresponding growth in the use of APIs.To read this article in full, please click here
- AWS releases Wickr, its encrypted messaging service for enterprises
The release of the enterprise version of the encrypted messaging service, announced at AWS re:Invent, is designed to allow secure collaboration across messaging, voice, video and file sharing.
- Website offering spoofing services taken offline after joint operation
Judicial and law enforcement authorities in Europe, Australia, the US, Ukraine, and Canada took down a so-called spoofing website that allowed fraudsters to impersonate trusted corporations or contacts in order to steal more than $120 million from victims.In a coordinated action led by the UK and supported by Europol and EU judicial cooperation agency Eurojust, a total of 142 suspects were arrested, including the main administrator of the website, according to a statement posted by Europol on November 24.The website provided a paid-for service that provided those who signed up with the ability to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords. During the 16 months the website was live, Europol reported that the site took $3.8 million in fees, while enabling its customers to generate $120 million from illegal ‘spoofing’ campaigns.To read this article in full, please click here
- EU Council adopts NIS2 directive to harmonize cybersecurity across member states
The Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve resilience and incident response capacities across the EU, replacing NIS, the current directive on the security of network and information systems.The new directive, NIS2, will set the baseline for cybersecurity risk management measures and reporting obligations across sectors and aims to harmonize cybersecurity requirements and implementation of measures in different member states.NIS2 enhances EU incident management cooperation “NIS2 will set the baseline for cybersecurity risk management measures and reporting obligations across all sectors that are covered by the directive, such as energy, transport, health and digital infrastructure,” read an EU Council press release.To read this article in full, please click here
- 500 million WhatsApp mobile numbers up for sale on the dark web
A database of 487 million WhatsApp users’ mobile numbers has been put up for sale on the Breached.vc hacking community forum. The data set contains information on WhatsApp users from more than 84 countries, the post shows. The story was first reported by Cybernews.The seller of the leaked data is also offering it through the controversial messaging app Telegram, where the person or the group goes by handle “Palm Yunn.” On the hacking community forum, the user is listed as “Agency123456.” The seller claims the database is from 2022.To read this article in full, please click here
- Top 7 CIAM tools
Customer identity and access management (CIAM), a subset of identity access management (IAM), is used to manage authentication and authorization of account creation and login process for public facing applications. To helps organizations compare their needs against the options in the market, CSO prepared a list with the top seven vendors in the market.To decide for the right CIAM product, organizations must balance the ease of the login experience with a kaleidoscope of business goals for how customers sign-in and leverage their accounts. Marketers want to collect data about customers and their devices. Privacy officers want to ensure the data collection process is fully compliant with privacy regulations. And security and risk professionals want to ensure the integrity of accounts and minimize fraudulent usages of customer credentials.To read this article in full, please click here
- Ransomware Gang Takes Credit for Maple Leaf Foods Hack
The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. read more
- Vulnerability in Acer Laptops Allows Attackers to Disable Secure Boot
A vulnerability impacting multiple Acer laptop models could allow an attacker to disable the Secure Boot feature and bypass security protections to install malware. read more
- Cybercriminals Selling Access to Networks Compromised via Recent Fortinet Vulnerability
Security researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical vulnerability in Fortinet products. read more
- Oracle Fusion Middleware Vulnerability Exploited in the Wild
The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday warned organizations that a critical Oracle Fusion Middleware vulnerability patched in early 2022 is being exploited in attacks. read more
- Census Bureau Chief Defends New Privacy Tool Against Critics
Report says Census Bureau failed to stop simulated cyberattacks conducted under an operation to test for vulnerabilities read more
- Virginia County Confirms Personal Information Stolen in Ransomware Attack
Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. read more
- Project Zero Flags 'Patch Gap' Problems on Android
Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. read more