Information

30 Nov

Hackers Dump Australian Health Data Online, Declare ‘Case Closed’

Information, News

The hackers leaking stolen Australian health records to the dark web on Thursday appeared to end their extortion attempt by dumping a final batch of data online and declaring:”Case closed.” In November the hackers demanded health insurer Medibank pay US$9.7 million to keep the records off the internet — or one dollar for each of the company’s impacted customers, which included Prime Minister Anthony Albanese. Medibank refused to pay at the urging of the federal…

Read More
30 Nov

RansomBoggs: New ransomware targeting Ukraine

Information

ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm’s fingerprints all over it The ESET research team has spotted a new wave of ransomware attacks taking aim at multiple organizations in Ukraine and bearing the hallmarks of other campaigns previously unleashed by the Sandworm APT group. Even though the ransomware – called RansomBoggs by ESET and written in the .NET framework – is new, particularly the way it is…

Read More
30 Nov

TikTok “Invisible Challenge” porn malware puts us all at risk

Information, Malware

by Paul Ducklin Researchers at secure coding company Checkmarx have warned of porn-themed malware that’s been attracting and attacking sleazy internet users in droves. Unfortunately, the side-effects of this malware, dubbed Unfilter or Space Unfilter, apparently involve plundering data from the victim’s computer, including Discord passwords, thus indirectly exposing the victim’s contacts – such as colleagues, friends and family – to spams and scams from cybercriminals who can now pose as someone those people know.…

Read More
29 Nov

Ransomware Gang Takes Credit for Maple Leaf Foods Hack

Information, News

The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. Maple Leaf Foods announced in early November that it was experiencing an outage as a result of a cyberattack. The Mississauga, Ontario-based packaged meats company said it took…

Read More
28 Nov

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Information, Insights

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.…

Read More
28 Nov

Virginia County Confirms Personal Information Stolen in Ransomware Attack

Information, News

Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. The county says that it took steps to contain the attack immediately after identifying it, and that it launched an investigation into the incident, to determine the type of data…

Read More
27 Nov

Chrome fixes 8th zero-day of 2022 – check your version now

Information

by Paul Ducklin Google has just patched Chrome’s eighth zero-day hole of the year so far. Zero-days are bugs for which there were zero days you could have updated proactively… …because cybercriminals not only found the bug first, but also figured out how to exploit it for nefarious purposes before a patch was prepared and published. So, the quick version of this article is: go to Chrome’s Three-dot menu (⋮), choose Help > About Chrome,…

Read More
25 Nov

Know your payment options: How to shop and pay safely this holiday season

Information

‘Tis the season for shopping and if you too are scouting for bargains, make sure to keep your money safe when snapping up those deals The day has come: it’s Black Friday, and once-in-a-year promotions, discounts and deals are everywhere. The rush to grab a bargain has started in earnest, and in times of soaring inflation many deal-hungry shoppers are ready to make big purchases, perhaps the kinds of purchases they didn’t get to make…

Read More
25 Nov

Spyware posing as VPN apps – Week in security with Tony Anscombe

Information

The Bahamut APT group distributes at least eight malicious apps that pilfer victims’ data and monitor their messages and conversations This week, ESET researchers published their analysis of a malicious campaign where the Bahamut APT group targets Android users via trojanized versions of two legitimate VPN apps – SoftVPN and OpenVPN. Since January 2022, Bahamut has distributed at least eight malicious apps in order to pilfer sensitive user data and actively spy on victims’ messaging…

Read More
25 Nov

Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown

Information

by Naked Security writer These days, most of us have telephones that display the number that’s calling before we answer. This “feature” actually goes right back to the 1960s, and it’s known in North American English as Caller ID, although it doesn’t actually identify the caller, just the caller’s number. Elsewhere in the English-speaking world, you’ll see the name CLI used instead, short for Calling Line Identification, which seems at first glance to be a…

Read More