David

190 Articles

Massive hike in phishing and malware attacks in Q3 – October 18th

Reports show that phishing and malware attacks have spiked by 173% and 110% respectively in the third quarter of this year, compared with the second quarter of the year. A staggering 493.2 million phishing attacks and 125.7 million malware attacks were logged during this period.

Discord called a ‘hotbed’ of malware activity – October 17th

Discord continues to be used by threat actors to launch malware attacks. Researchers have warned the online platform continues to be used to distribute malware and exfiltrate data. Three ways threat actors have been using Discord include stealing passwords, abusing webhooks, and stealing passwords. 

Ancestry data sold by threat actors online – October 10th

Ancestry site 23andMe, with nearly 1M users, has acknowledged a leak, with hackers listing stolen data relating to family genetics for sale online. The hackers seem to have targeted users of Ashkenazi Jewish heritage. The data includes the last name, sex, and 23andMe’s evaluation of where the users' ancestors came from. The incident is now being investigated to find out who the threat actors are, along with the motive of the attack.

Upbit announces 159k hack attempts in Q1 – October 9th

Crypto exchange server Upbit has announced it was targeted by hackers 159,000 times during the first quarter of this year. This is more than double the number of hacker attacks it experienced in the same period last year. The figures were released by Dunamu, the company that operates Upbit.

Scattered Spider suspected to be behind Clorox Co breach – October 5th

Scattered Spider, the hacker group behind the recent breaches of major casino companies, is suspected to be behind a recent attack against Clorox Co in Malaysia. This breach has led to a nationwide shortage of cleaning products and shows the same social-engineering tactics used by Scattered Spider.

Google to adapt email sender guidelines for heightened security – October 4th

In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year. Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.

BunnyLoader is up for sale in the cyber underground market – October 3rd

A new malware threat, identified as BunnyLoader, is being sold in the cyber underground market. This Malware-as-a-Service (MaaS) threat has various capabilities, including stealing browser credentials and system information, as well as executing a second-stage payload.

New malware payload evades detection – October 2nd

Crypto firms have been warned about the new Lazarus malware payload, called 'LightlessCan', which easily evades detection. The malware variant has since been used in fake job scams. The 'LightlessCan' malware was discovered on 29 September, while researchers were investigating a fake employment scam attack leveled against a Spanish aerospace firm. 

Budworm Group Targets Middle Eastern Telco Company – September 29th

Chinese hacker group Budworm has been using cyber-espionage malware to target a telecommunications company in the Middle East and an Asian government organization. Reports say attacks have been orchestrated through a new variant of the group's SysUpdate backdoor malware, and that telecommunication companies have become a common target for hacking groups.

60,000 emails seized in US State Department breach – September 28th

Travel itineraries and diplomatic deliberations were among the data in emails seized in a recent breach of US State Department systems. As many as 60,000 emails were compromised in the attack. The attack was allegedly carried out by threat actors linked with the Chinese government, and reports say the incident is likely to raise concerns on Capitol Hill about the ramped-up efforts by Chinese hackers.

HTX falls victim to crypto thieves – September 27th

Cryptocurrency is being increasingly targeted by hackers, with $7.9 million recently stolen in a hack targeting cryptocurrency exchange HTX. The attack was identified as soon as it occurred, with HTX authorities stepping in promptly in an innovative way to recover losses. Following the attack, HTX offered a ‘white hat’ ethical hacker a 5% bonus to return the stolen cryptocurrency, amounting to a total bonus of $400,000.

Hack costs Mixin Network $200M – September 26th

Dubbed the ‘biggest hack of the year’, the recent attack on Hong Kong-based digital wallet company Mixin Network has cost the company $200 million worth of crypto assets. Network authorities have announced that deposits and withdrawals on the site will only recommence once all vulnerabilities have been confirmed and fixed.

Pizza Hut threatened by hackers – September 20th

It seems that no one and no business is immune to hacker activity. Recent reports say that Pizza Hut Australia has again been the victim of threat actors a year after its newsmaking Optus cyber attack.  Reports allege customers’ data has been compromised by the incident, which occurred in early September, with the fast food outlet having contacted clients to notify them of the data breach.

US fleet management systems impacted in ransomware attack – September 19th

ORBCOMM, the US trucking and fleet management software provider, has linked recent service outages across freight transportation firms throughout the US to a ransomware attack. These outages prevented use of the Blue Tree Electronic Logging Device and of the fleet management software's inventory tracking capabilities. Investigations continue into the identity of the threat actors.

DarkGate again threatens online computer systems – September 15th

A new phishing campaign using DarkGate Loader malware has been identified, with Microsoft Teams users being urged to exercise caution. This malware is specifically a 'loader malware', meaning that it is able to download and execute other malware programs on the infected device. The additional malware is then loaded into the infected device's memory, making it hard to detect since it isn't in the device's file system.
