CyberSecure Specialist

17 Mar

Feds Charge NY Man as BreachForums Boss “Pompompurin”

Information, Insights

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “Pompompurin” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums, a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022.…

Read More
17 Mar

SVB collapse is a scammer’s dream: Don’t get caught out

Information

How cybercriminals can exploit Silicon Valley Bank’s downfall for their own ends – and at your expense Big news events and major crises usually trigger an avalanche of follow-on phishing attempts. The COVID-19 pandemic and Russia’s invasion of Ukraine are perhaps the most obvious examples, but the most recent one is the collapse of Silicon Valley Bank (SVB). The mid-sized US lender and a key financer of tech start-ups held tens of billions of dollars’…

Read More
17 Mar

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

Information

by Paul Ducklin Google has just revealed a fourfecta of critical zero-day bugs affecting a wide range of Android phones, including some of its own Pixel models. These bugs are a bit different from your usual Android vulnerabilities, which typically affect the Android operating system (which is Linux-based) or the applications that come along with it, such as Google Play, Messages or the Chrome browser. The four bugs we’re talking about here are known as…

Read More
17 Mar

BianLian Ransomware Gang Shifts Focus to Pure Data Extortion

Attacks, Malware

CPR’s analysis revealed that the gang has already targeted several organizations, including a large US-based medical testing laboratory, and a multinational pharmaceutical company, among others. The group’s modus operandi involves exfiltrating data, encrypting it, and then publishing it on their data leak site if the victim refuses to pay the ransom. CPR warns that BianLian’s shift in tactics could inspire other ransomware groups to follow suit, creating more problems for organizations already grappling with the…

Read More
17 Mar

Google Finds 18 Zero-Day Vulnerabilities in Samsung Exynos Chipsets

Attacks, Malware

Device owners should install patches for these vulnerabilities as soon as they are made available by the vendor. It was also recommended to disable Wi-Fi calling and Voice-over-LTE to mitigate the impact of the vulnerabilities until patches are released. https://www.bleepingcomputer.com/news/security/google-finds-18-zero-day-vulnerabilities-in-samsung-exynos-chipsets/

Read More
17 Mar

Adobe Acrobat Sign Abused to Push Redline Info-Stealing Malware

Attacks, Malware

While it isn’t necessarily a novel tactic to utilize legitimate resources to aid in phishing campaigns, it is an effective one. Often when an end-user receives a phishing email from a legitimate source such as Adobe Sign, it makes them much more likely to fall for it as many users don’t know how to properly identify a phishing email. Many times, training around phishing states to look for things such as a suspicious title, suspicious…

Read More
17 Mar

Latitude Financial Services Data Breach Impacts 300,000 Customers

Data Breaches, Information, News

Australian financial services company Latitude Financial Services is notifying roughly 300,000 customers that their personal information might have been compromised in a data breach. A subsidiary of Deutsche Bank and KKE operating since 2015 and headquartered in Melbourne, Latitude is the largest non-bank lender of consumer credit in Australia, also offering services in New Zealand, under the brand Gem Finance. On Thursday, the company disclosed falling victim to a cyberattack that forced it to suspend…

Read More
17 Mar

US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

Information, News

The Federal Bureau of Investigation (FBI), the Cybersecurity and Information Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) this week issued an alert on the LockBit 3.0 ransomware operation. Since January 2020, LockBit has functioned based on the ransomware-as-a-service (RaaS) model, targeting a broad range of businesses and critical infrastructure entities and using a variety of tactics, techniques, and procedures (TTPs). Also referred to as LockBit Black, LockBit 3.0 has a…

Read More
17 Mar

Two Patch Tuesday flaws you should fix right now

Data Breaches, Malware, Social Engineering

Microsoft released its monthly security bulletin this week, covering patches for over 80 vulnerabilities across its products. However, two of them had already been used by attackers before patches were released. One vulnerability affects all supported versions of Outlook for Windows and allows attackers to steal Net-NTLMv2 hashes and then use them in NTLM (New Technology LAN Manager) relay attacks against other systems. The second allows attackers to bypass Microsoft SmartScreen, a technology built into…

Read More