Information

29 Aug

Mom’s Meals issues “Notice of Data Event”: What to know and what to do

by Paul Ducklin US food delivery compeny PurFoods, which trades as Mom’s Meals, has just admitted to a cyberintrusion that took place from 2023-01-16 to 2023-02-22. The company stated officially that: [The] cyberattack […] included the encryption of certain files in our network. Because the investigation identified the presence of tools that could be used for data exfiltration (the unauthorized transfer of data), we can’t rule out the possibility that data was taken from one…

29 Aug

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Information, Insights

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computers. Dutch authorities inside a data center with servers tied to the botnet. Image: Dutch National Police. In an international operation announced…

29 Aug

New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

Information, News

A newly identified Android trojan targeting users in Southeast Asia is allowing attackers to control devices remotely and perform bank fraud, Trend Micro reports. Dubbed MMRat and active since June, the malware can capture user input and take screenshots, and uses a customized command-and-control (C&C) protocol based on Protobuf, which improves its performance when transferring large amounts of data. The malware has been distributed via websites masquerading as official application stores, and which were tailored…

28 Aug

Acquisition Chatter Swirls Around SentinelOne, BlackBerry

Information, News

Prominent anti-malware vendors SentinelOne and BlackBerry have been separately named in public acquisition chatter, underscoring a clear signal of impending consolidation in cybersecurity. According to published reports, private equity firm Veritas Capital is in early talks to acquire BlackBerry, the venerable tech firm that acquired Cylance and reinvented itself as a cybersecurity vendor. Neither Veritas or BlackBerry has commented on the reports, which say Veritas is interested in acquiring all of the Canadian company, while…

26 Aug

How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe

Information

ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money

25 Aug

Kroll Employee SIM-Swapped for Crypto Investor Data

Data Breaches, Information, Insights

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack…

25 Aug

Telekopye: Hunting Mammoths using Telegram bot

Information

Analysis of Telegram bot that helps cybercriminals scam people on online marketplaces

25 Aug

S3 Ep149: How many cryptographers does it take to change a light bulb?

Information

by Paul Ducklin HOW MANY CRYPTOGRAPHERS? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG. Leaky light bulbs, WinRAR bugs, and “Airplane mode, [HIGH RISING TONE] question mark?”…

25 Aug

In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

25 Aug

North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

Information, News

The North Korea-linked advanced persistent threat (APT) actor Lazarus Group has been observed exploiting a Zoho ManageEngine vulnerability to compromise an internet backbone infrastructure provider in Europe, Cisco’s Talos security researchers report. The attack occurred in early 2023, roughly five days after proof-of-concept (PoC) exploit code targeting the ManageEngine flaw, which is tracked as CVE-2022-47966 (CVSS score of 9.8), was published. Identified in the Apache xmlsec (XML Security for Java) third-party dependency, the issue can…

Mom’s Meals issues “Notice of Data Event”: What to know and what to do

U.S. Hacks QakBot, Quietly Removes Botnet Infections

New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

Acquisition Chatter Swirls Around SentinelOne, BlackBerry

How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe

Kroll Employee SIM-Swapped for Crypto Investor Data

Telekopye: Hunting Mammoths using Telegram bot

S3 Ep149: How many cryptographers does it take to change a light bulb?

In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures

North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

Search

The 6 Stages of a Vulnerability Management Process

Get Cybersecurity Alerts

Read More

Categories

Site Navigation

Resources