ZDNet is reporting Evil Corp, one of the biggest malware operations on the internet, has slowly returned to life after several of its members were charged by the US Department of Justice in December 2019. In a report shared with ZDNet today, Fox-IT, a division within the NCC Group, has detailed the group’s latest activities following the DOJ charges. According to Fox-IT, the group returned in January and spurted a few malware campaigns, usually for other crooks, until March, when they again went silent. Fox-IT says when Evil Corp returned for the second time in 2020 the group created a new…
ISBuzz Team
It has been reported that cyber security company Intego has discovered new malware that disguises itself as a Flash Player. What is most concerning is that it is being distributed via webpages that appear in Google’s search results. Intego has discovered a new Trojan that is specifically designed to circumvent macOS Catalina’s security measures. A Trojan is a type of malware that pretends to be legitimate software, in this case a Flash Player, and is then installed by the user on their own. This particular Trojan is able to bypass these security restrictions because it launches an installation guide that guides the user through the…
As Brits spend more time at home and streaming entertainment amid orders to stay in, McAfee conducted research to identify which popular movies and TV shows available on-demand today pose the highest risk to individuals when being searched for online – especially when they’re on the hunt for “free” content to watch. Given the blurring of boundaries between the office and the home, cyber threats hidden within unofficial or pirate websites now pose a potential risk to the enterprise – with smaller businesses often relying on staff working on their own personal devices or bigger businesses finding employees using their work…
Saturday marks the third anniversary of the NotPetya ransomware attack, one of the most devastating cyberattacks since the invention of the internet. It is thought that the total damages of the attack were in excess of $10 billion. https://twitter.com/limbic/status/1274960268179750912
Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection — nearly 270 gigabytes in total — is the latest release from Distributed Denial of Secrets (DDoSecrets), an alternative to Wikileaks that publishes caches of previously secret data.
US CERT has issued an advisory on a ransomware campaign leveraging remote access technologies. Malicious cyber actors are targeting organizations’ networks through remote access tools, such as Remote Desktop Protocol and virtual private networks, to exploit unpatched vulnerabilities and weak authentication. After gaining access, cyber actors use various tools—including mimikatz, PsExec, Cobalt Strike, and Nefilim ransomware—for privilege escalation, lateral movement, persistence, and data exfiltration and encryption. Due to the level of access gained before deploying ransomware, the issue cannot be resolved by simply restoring data from backup.
The Government did a dramatic U-turn on its NHS contact tracing app yesterday – throwing in the towel on developing its own and switching to the more privacy-focused Apple-Google model. We’ve seen this coming for weeks and it’s a move the security community has urged since the beginning. Looking at GitHub, there were some fundamental – and serious – failings in security and privacy that doomed this project from the start.
Singapore, Japan, and the US are amongst six nations targeted in a COVID-19 themed phishing campaign that is reportedly scheduled for June 21, during which 8,000 businesses in Singapore may receive email messages from a spoofed Ministry of Manpower account. North Korean state hacker group Lazarus are said to be behind the massive attack that will see more than 5 million businesses and individuals receiving phishing email messages from spoofed government accounts.
A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.
Police in England and Wales are taking “excessive” amounts of personal data from smartphones during investigations, the UK’s data watchdog has warned. Taking too much data may deter people from reporting crime or assisting the police, Information Commissioner Elizabeth Denham said. Her report on police mobile phone data extraction (MPE) calls for a “statutory code of practice” for police. An investigation into MPE in Scotland and Northern Ireland continues. In some cases, police ask for data from a witness or victim’s smartphone, not just the suspects’ devices. The Information Commissioner’s Office (ICO) started its investigation following concerns police forces were inconsistent in how they collected data and many took “an overly wide approach to extracting data”.
