Federal authorities on Wednesday arrested the founder of Bitzlato, a cryptocurrency exchange they said has been a financial haven for Russia-aligned criminals engaged in ransomware and illicit drug sales on the dark web. Anatoly Legkodymov, a 40-year-old Russian national residing in Shenzhen, China, was arrested on Wednesday in Miami, US prosecutors said.
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on MailChimp employees and contractors. The attack was first detected on January 11th, when MailChimp noticed an unauthorized person accessing its support tools.
The Computer Emergency Response Team of Ukraine (CERT-UA) has linked a destructive malware attack targeting the country's national news agency (Ukrinform) to the Sandworm Russian military hackers. "According to preliminary data, provided by CERT-UA specialists, the attack has caused certain destructive effects on the agency's information infrastructure, but the threat has been swiftly localized nonetheless," the State Service of Special Communications and Information Protection of Ukraine said.
The growing use of mobile devices for multifactor authentication has increasingly made telecom providers a juicy target for cybercrime. An ongoing SIM card-swapping campaign by a Chinese threat actor called "Scattered Spider" is just the latest example of that trend. Scattered Spider is an APT group that researchers from CrowdStrike have been tracking for the past several months.
Cisco on Wednesday announced patches for a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME). Designed as enterprise call and session management platforms, Cisco Unified CM and Unified CM SME ensure the interoperability of applications such as Webex, Jabber, and more, while also maintaining availability and security.
Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE). Two security defects were identified in TP-Link WR710N-V1-151022 and Archer-C5-V2-160201 SOHO (small office/home office) routers, allowing attackers to execute code, crash devices, or guess login credentials. Tracked as CVE-2022-4498, the first issue is described as a heap overflow caused by crafted packets received during HTTP basic authentication mode.