CyberSecurity Updates

29 Nov

Hacker attempts to sell data of 500 million WhatsApp users on dark web

Attacks, Data Breaches

A hacker has allegedly posted a dataset to the dark web containing the personal information of almost 500 million WhatsApp users. In the post, which was uploaded to hacking forum BreachForums on November 16, the hacker claimed to be selling up-to-date personal information of 487 million WhatsApp users from 84 countries. In the post, the alleged hacker said those who bought the datasets would recieve “very recent mobile numbers” of WhatsApp users. The leak was…

Read More
28 Nov

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Information, Insights

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.…

Read More
28 Nov

Financial services increasingly targeted for API-based cyberattacks

Data Breaches, Malware, Social Engineering

A report published Monday by cloud services and CDN (content delivery network) platform Akamai said that the financial services industry is an increasingly popular target for a wide range of cyberattacks, with application and API attacks against the vertical more than tripling in the past year. APIs are a core part of how financial services firms are changing their operations in the modern era, Akamai said, given the growing desire for more and more app-based…

Read More
28 Nov

Russia-Linked Sandworm Continues Launching Attacks

Attacks, Malware

According to ESET, the most recent cyberattacks have common indicators with attacks launched by Sandworm previously, including the use of PowerShell to distribute ransomware that is “almost identical to the one seen last April during the Industroyer2 attacks against the energy sector.” PowerShell, also known as PowerGap by Ukrainian cyber authorities, was used to introduce the CaddyWiper malware against Ukrainian infrastructure in April 2022, shortly after the Russian invasion. https://cybernews.com/news/sandworm-spawns-monstrous-offspring/ https://thehackernews.com/2022/11/russia-based-ransomboggs-ransomware.html

Read More
28 Nov

Black Reward Claims Attack on Iranian Fars News Agency

Attacks, Malware

The threat group Black Reward has taken credit for the breach of the Islamic Revolutionary Guard Corps (IRGC) managed Fars News Agency out of Iran. The group stated that they deleted nearly 250 terabytes of data and accessed confidential bulletins and directives sent by the news agency to the office of Supreme Leader Ali Khamenei. Additional compromised data includes recorded calls, information on internal portals related to administrative conversations and news folders, image archives, and financial…

Read More
28 Nov

U.S. Bans Sales of Huawei, Hikvision, ZTE, and Dahua Equipment

Attacks, Malware

This is not the first time the U.S. government has been at odds with Chinese telecommunications companies. In February of 2020, after an FBI investigation, Huawei was charged with racketeering conspiracy and with conspiracy to steal trade secrets. Additionally, in 2019, a U.S. affiliate of Huawei was indicted for theft of trade secrets, wire fraud, and obstruction of justice. Earlier this year, in an address to business leaders from across the U.S., FBI director Christopher…

Read More
28 Nov

Virginia County Confirms Personal Information Stolen in Ransomware Attack

Information, News

Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. The county says that it took steps to contain the attack immediately after identifying it, and that it launched an investigation into the incident, to determine the type of data…

Read More
28 Nov

AWS releases Wickr, its encrypted messaging service for enterprises

Data Breaches, Malware, Social Engineering

Just days after announcing the close of its consumer-oriented Wickr Me encrypted messaging service, Amazon Web Services (AWS), at its annual re:Invent conference on Monday, said that it was making the enterprise version of the app generally available. Dubbed simply AWS Wickr, the service was first announced in July and has been in preview till now. The enterprise version of the messaging service, designed to allow enterprise users to securely collaborate via text, voice and…

Read More
28 Nov

Website offering spoofing services taken offline after joint operation

Data Breaches, Malware, Social Engineering

Judicial and law enforcement authorities in Europe, Australia, the US, Ukraine, and Canada took down a so-called spoofing website that allowed fraudsters to impersonate trusted corporations or contacts in order to steal more than $120 million from victims. In a coordinated action led by the UK and supported by Europol and EU judicial cooperation agency Eurojust, a total of 142 suspects were arrested, including the main administrator of the website, according to a statement posted…

Read More
28 Nov

EU Council adopts NIS2 directive to harmonize cybersecurity across member states

Data Breaches, Malware, Social Engineering

The Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve resilience and incident response capacities across the EU, replacing NIS, the current directive on the security of network and information systems. The new directive, NIS2, will set the baseline for cybersecurity risk management measures and reporting obligations across sectors and aims to harmonize cybersecurity requirements and implementation of measures in different member states. NIS2 enhances EU incident management cooperation…

Read More