CyberSecurity Updates

20 Feb

Norway Seizes Record $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers

Attacks, Malware

Although the service was launched in October 2022, it is believed to have facilitated the transfer of tens of millions of dollars from the Horizon and other North Korea-linked cyberattacks. According to data released by Chainalysis, the nation-state group sent 1,429.6 Bitcoin worth about $24.2 million to the mixer during the two months from December 2022 to January 2023. The overlaps in the wallet addresses utilized, their connections to Russia, and the similarities in how…

Read More
20 Feb

Coinbase Cyberattack Targeted Employees with Fake SMS Alert

Attacks, Malware

To protect best against a campaign such as this, it is recommended to provide user education into common phishing tactics as well as overall emerging cybersecurity risks and vulnerabilities. It is important to employ a defense-in-depth strategy to detect this activity at a different portion of the attack chain, such as detecting lateral movement or reconnaissance activity. Binary Defense’s MDR and Threat Hunting services are an excellent solution to assist with such a program. https://www.bleepingcomputer.com/news/security/coinbase-cyberattack-targeted-employees-with-fake-sms-alert/

Read More
20 Feb

Twitter Shuts Off Text-Based 2FA for Non-Subscribers

Information, News

Elon Musk’s Twitter started a security ruckus over the weekend with the sudden decision to turn off text message/SMS method of two-factor authentication (2FA) for anyone not subscribed to its paid Twitter Blue service. “While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA…

Read More
20 Feb

GoDaddy connects a slew of past attacks to a multiyear hacking campaign

Data Breaches, Malware, Social Engineering

Web hosting and infrastructure provider GoDaddy said it suspects a recent attack on its infrastructure in December 2022 may be connected to a series of incidents the business has been experiencing since 2020. The attack involved an unauthorized third-party gaining access to and installing malware on GoDaddy’s cPanel hosting servers, the company disclosed in an SEC filing. The company only discovered the security breach following customer reports in early December 2022 that their sites were…

Read More
20 Feb

7 reasons to avoid investing in cyber insurance

Data Breaches, Malware, Social Engineering

With cyberattacks rising at an alarming rate around the world, cyber insurance has become an increasingly popular layer of protection for businesses across all sectors. However, despite its clear appeal as a means of supporting and augmenting cyber risk management, insurance might not be the right fit for all companies in every circumstance. In fact, there are compelling reasons why some might be advised to avoid, delay, or at least seriously reconsider buying or renewing…

Read More
19 Feb

GoDaddy admits: Crooks hit us with malware, poisoned customer websites

Information, Malware

by Paul Ducklin Late last week [2023-02-16], popular web hosting company GoDaddy filed its compulsory annual 10-K report with the US Securities and Exchange Commission (SEC). Under the sub-heading Operational Risks, GoDaddy revealed that: In December 2022, an unauthorized third party gained access to and installed malware on our cPanel hosting servers. The malware intermittently redirected random customer websites to malicious sites. We continue to investigate the root cause of the incident. URL redirection, also…

Read More
18 Feb

Search ads abused to spread malware – Week in security with Tony Anscombe

Information

Threat actors used search engine ads to impersonate makers of popular software and direct internet users to malicious websites This week, the ESET research team has published a report describing a malware campaign that took aim at Chinese-speaking people in Southeast and East Asia. The campaign involved malicious advertisements that appeared in Google search and lead people to fake websites that mimicked the websites of popular applications such as Firefox, WhatsApp, Signal, Skype, and Telegram,…

Read More
18 Feb

Spain Orders Extradition of British Alleged Hacker to U.S.

Information, News

Spain’s National Court has agreed to the extradition to the U.S. of a British citizen who allegedly took part in computer attacks, including the July 2020 hacking of Twitter accounts of public figures such as Joseph Biden, Barack Obama and Bill Gates. A court statement Friday said requirements had been met for handing over Joseph James O’Connor to U.S. authorities for 14 charges covering crimes such as revelation of secrets, membership of a criminal gang,…

Read More
17 Feb

These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia

Information

ESET researchers have identified a campaign using trojanized installers to deliver the FatalRAT malware, distributed via malicious websites linked in ads that appear in Google search results ESET researchers identified a malware campaign that targets Chinese-speaking people in Southeast and East Asia by buying misleading advertisements to appear in Google search results that lead to downloading trojanized installers. The unknown attackers created fake websites that look identical to those of popular applications such as Firefox,…

Read More
17 Feb

Security amidst a global frost

Information

No longer relegated to a side-show, tech is embedded into virtually every new piece of gear entering the battlefield As military and tech gather to address the frosty world defense conditions and what the intersection of technology’s role is with attendees at AFCEA West, it’s clear that the global warfighting world has changed. No longer relegated to a side-show, tech is embedded into virtually every new piece of gear entering the battlefield, and that is…

Read More