Cybersecurity News


Crypto malware in patched wallets targeting Android and iOS devices

ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets

The post Crypto malware in patched wallets targeting Android and iOS devices appeared first on WeLiveSecurity

24 March 2022

Mustang Panda hacking group takes advantage of Ukraine crisis in new attacks

Just as criminals seized on the pandemic, this group is trying to capitalize on Russia's invasion of Ukraine.
24 March 2022

Malicious npm packages target Azure developers to steal personal data

Typosquatting and automatic tools are the weapons of choice.
24 March 2022

A Closer Look at the LAPSUS$ Data Extortion Group

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here's a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.
23 March 2022

Okta names Sitel in Lapsus$ security incident impacting up to 366 customers

The analogy "walking away from your computer at a coffee shop" has been used to describe the incident.
23 March 2022

DeadBolt Ransomware Resurfaces to Hit QNAP Again

A new steady stream of attacks against network-attached storage devices from the Taiwan-based vendor is similar to a wave that occurred in January.
23 March 2022

Microsoft: Lapsus$ Used Employee Account to Steal Source Code

The data-extortion gang got at Microsoft's Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack.
23 March 2022

This is how much the average Conti hacking group member earns a month

While ransom payments can reach millions of dollars, it isn't as much as you'd think.
23 March 2022

Mustang Panda’s Hodur: Old tricks, new Korplug variant

ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine

The post Mustang Panda’s Hodur: Old tricks, new Korplug variant appeared first on WeLiveSecurity

23 March 2022

Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta

Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana.
22 March 2022

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book "Spam Nation," was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest Russian darknet market. But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia's state security services and the cybercriminal underground.
22 March 2022

Russia Lays Groundwork for Cyberattacks on US Infrastructure – White House

"Evolving intelligence" shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said -- but researchers warn that many orgs are not prepared.
22 March 2022

FIDO: Here’s Another Knife to Help Murder Passwords

After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts aren’t so sure.
22 March 2022

Serpent Backdoor Slithers into Orgs Using Chocolatey Installer

An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies.
22 March 2022

Social engineering attacks to dominate Web3, the metaverse

Researchers offer their thoughts on the most prevalent threats faced by emerging technologies.
22 March 2022

Okta says breach evidence posted by Lapsus$ hackers linked to January 'security incident'

Okta claims there is no proof of current malicious activity on its networks.
22 March 2022

Browser-in-the-Browser Attack Makes Phishing Nearly Invisible

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.
21 March 2022

Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts

The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts.
21 March 2022

Conti Ransomware V. 3, Including Decryptor, Leaked

The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code.
21 March 2022

Bridgestone Hit as Ransomware Torches Toyota Supply Chain

A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit.
21 March 2022