Cybercrime

April 6, 2023

U.S. Attorney Gregory J. Haanstad for the Eastern District of Wisconsin joined the Attorney General and other Justice Department officials in announcing a coordinated international operation that resulted in the dismantlement of Genesis Market, a criminal marketplace accessible on the dark web and clear web that advertised and sold packages of account access credentials – ...

April 5, 2023

The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as ‘Typhon Reborn V2’ They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022. Cyble Research Labs analyzed it at the ...

April 5, 2023

The UK’s national office for managing criminal record information (ACRO) has confirmed it’s currently trying to recover from a two-month “cyber security incident”. Few details were revealed by the organisation and other authorities, other than that the attack took place between 17 January and 21 March 2023. Read more… Source: IT Pro  

April 4, 2023

Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities observed is the encryption speed, which, according to tests from the researchers, would make Rorschach the fastest ransomware threat today. Read more… Source: Bleeping Computer  

April 4, 2023

Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns. In a letter to affected drivers, the lawyers said they had looked into the intrusion, and ...

April 4, 2023

The Immigration Department’s official website is expected to be restored and accessible to the public later today after remedial action to an earlier cyber-attack, said Datuk Ruslin Jusoh. The Immigration director-general said the department took the website offline earlier in order to perform repairs as well as implement new security measures. Read more… Source:  MSN News  

April 4, 2023

The sites of Tel Aviv University, Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel and Reichman University were among the sites inaccessible due to the cyberattack. The group posted a statement on its Telegram account, listing the attacked websites. “Infrastructure: Universities – Israel’s education sector ...

April 3, 2023

The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems. After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts. Read more… Source: IT Pro  

April 3, 2023

On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized. The ...

April 3, 2023

Trend Micro reearchers examine three differently sized criminal groups to know how they compare to similarly sized legitimate businesses in terms of how they are organized. Trend Micro also discuss how threat researchers can use their knowledge of the size and structure of a target criminal organization to aid their investigation. The last 20 years have ...