Tag: Cybersecurity
Blockchains lose $1.8 billion to cybercrime
Web 3.0, the blockchain version of the traditional internet that hosts decentralized blockchain crypto-currencies, lost over US$1.8 billion in 2023 to cybercrime. Newly released findings from cybersecurity firm Certik’s latest Hack3D Annual Report cast a pall over the US Securities and Exchange Commission (SEC)’s much-anticipated approval of up to a dozen Bitcoin ETFs (exchange-traded funds) on Wednesday. It will also cast a long shadow over the hoped-for institutional acceptance of crypto-currencies by influential financial entities, including Swift, the Hong Kong Monetary Authority, and the Australia and New Zealand Banking Group (ANZ). In the second half of last year, the SEC scrutinized a series of proposals, notably extending review periods for Bitcoin ETF applications from major firms like BlackRock, ARK, and Fidelity.
Cyberattack Shuts Down loanDepot IT Systems – January 8th
In response to complaints regarding its payment portal, loanDepot informed its customers that they fell victim to a cyberattack that shut down its IT systems, disrupting its business operations. Currently in coordination with law enforcement and forensics experts to further investigate the attack. The attack on loanDepot marks the second major cyberattack on a US mortgage loan provider in the past few months, after the cyberattack on Mr. Cooper.
Google to Test Third-Party Cookies Restrictions by End of 2024 – January 5th
As part of Google's "Privacy Sandbox" initiative, Google Chrome plans to test removing third-party cookies for 1% of its users by the end of 2024. Going against the pleas of Google-focused advertisers, Google's move to remove these third-party cookies used to track user data to build targeted advertiser profiles aims to enhance the web browser's data privacy.
CISA Warns Google Chrome Users of Open Source Vulnerabilities – January 4th
In an announcement addressed to US Federal Agencies, the Cybersecurity and Infrastructure Security Agency (CISA) warned Google Chrome users of a vulnerability (CVE-2023-7101) impacting the web browser's open-source Perl library. The Google vulnerability affects an open-source project, Google Chromium WebRTC, which as a result allows threat actors to cause browser crashes and launch other actions.
$80M in Crypto Stolen from Orbit Chain Cyberattack – January 3rd
Orbit Chain revealed to its users that as a result of a cyber attack, $84.5M worth of Ethereum and DAI (cryptocurrencies) were illicitly transferred to seven wallet addresses on the 1st of January. Orbit Chain is now coordinating with the Korean National Police Agency and the Korea Internet & Security Agency (KISA) to find the threat actors behind the cyber attacks, and to further protect its customers' crypto wallets.
Cyber-gangs to launch media offensive in 2024
Cybercrime, which has become a multi-trillion-dollar industry over recent decades, became increasingly sophisticated during 2023, with criminal groups now adopting many of the business practices used by legitimate enterprises. According to a new report from cybersecurity firm, Sophos, leading ransomware gangs now increasingly employ their own internal HR and PR departments. Far from shying away from the media, as criminals always have in the past, some ransomware gangs have been swift to seize the opportunities it affords them. Some regularly issue press releases and take great pains to forge relationships with individual journalists using the same PR methods as those employed by legitimate corporations. Threat actors also offer Frequently Asked Questions (FAQs) and answers for journalists visiting their leak sites, encouraging reporters to get in touch, give in-depth interviews, and recruit writers, reports Sophos.
Researchers Uncover a Tesla Autopilot Exploit – January 2nd
Researchers from the Technische Universität Berlin managed to hack into Tesla's autopilot system, granting them access to internal hardware and hidden capabilities. The university's researchers using inexpensive tools amounting to $600 hacked into Tesla's ARM64-based circuit board of the car's autopilot system. The researchers' hack on Tesla allowed them access to arbitrary code, user data, cryptographic keys, system parts, a deleted GPS coordinates video, and the hidden "Elon-mode" allowing the cars to have a fully hands-free self-driving feature.
Cyberattack Halts Albanian Parliament Data System – December 29th
Albania's Parliament announced it was hit by a cyberattack targeting its data system, resulting in halting the Parliament's services. The Albanian Parliament assured that although disrupted, the data was not encrypted by the threat actors and that their services would go back online soon.
H2 2023 Dominated by AI Malicious Activity and Android Spyware Threats – December 28th
According to an ESET report, the threat landscape of the second half of 2023 was dominated by AI-generated malicious activity and newly emerged Android spyware. Coming from ESET's "Threat Report: H2 2023," based on the firm's recorded incidents, the report also states that a new economy has arisen from OpenAI API keys, especially for cybercriminals.
62% of Top Ransomware Groups Activated Remote Attacks in 2023 – December 27th
According to Sophos' latest report, 62% of the most active ransomware groups in the world deliberately enable remote encryption for their attacks. Sophos' report entitled "CryptoGuard: An Asymmetric Approach to the Ransomware Battle," gathered the data based on Sophos' detected and halted ransomware attacks in 2023. The report further stated that remote encryption is used as a tactic for effective, widespread ransomware attacks within organizations, aiming to steal as much sensitive information as possible.
‘GTA V’ Source Code Leaked on Telegram Channel – December 26th
Links to Rockstar Games’ 'GTA V' source code were posted on a Telegram group, later posted on Discord servers and a dark web site. The Rockstar Games leak ensued a year after threat actor group, Lapsus$ claimed a cyberattack on the gaming giant. Lapsus$ hacker, Arion Kurtaj is the suspected source of the video game's code distribution.
November’s Ransomware Leak Victims Reach Record High – December 25th
A record-high 484 ransomware victims were posted on publicly available sites in November 2023, according to a Corvus Insurance report. The spike in ransomware victims' information being leaked reflects a 39.08% increase compared to October 2023 and a staggering 110.43% increase compared to November 2022.