
IT Security Newsletter - 10/11/2019


Hacking_ITSEC

Notorious FIN7 crooks have new malicious code up their sleeves

Cybersecurity researchers have discovered two new tools used by a prolific hacking group known as FIN7, highlighting how, despite a law enforcement crackdown, the group appears to be thriving and making a lot of money in the process. The Eastern European hacking crew, which researchers say has stolen over $1 billion from victims in recent years, is using a new “dropper” to deliver its malicious code.


Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work

A 29-year-old cybercriminal assumed the guise of a prominent California video-game developer and eSports tournament organizer to throw authorities off his cryptomining track, according to an indictment unsealed on Wednesday. Matthew Ho, a citizen of Singapore, allegedly used the developer’s stolen identity and credit-card information to open multiple cloud accounts at Amazon Web Services, and then proceeded to use the computing resources to mine cryptocurrency, including Bitcoin and Ethereum.

Malware_ITSEC

Nemty Ransomware Decryptor Released, Recover Files for Free

Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free. Since August 2019, the Nemty Ransomware has been utilizing a variety of distribution methods to infect victims and encrypt their files. The good news is that victims finally get to fight back as researchers from the security firm Tesorion have created a decryptor that works on Nemty versions 1.4 and 1.6, with 1.5 coming soon.

Exploits_ITSEC

Hackers bypassing some types of 2FA security, FBI warns

Some types of two-factor authentication (2FA) security can no longer be guaranteed to keep the bad guys out, the FBI is reported to have warned US companies in a briefing note circulated last month. FBI reporting identified several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts.


HP Touchpoint Analytics Opens PCs to Code Execution Attack

A security flaw, discovered in an open-source software program that is a key component of HP’s TouchPoint Analytics service, is opening up a wide swath of HP computers to attack. The vulnerability, if exploited by local attackers with administrative privileges, can allow them to execute arbitrary code on victim systems. The affected software, Open Hardware Monitor, monitors temperature sensors, fan speeds, voltages, load and clock speeds of a computer.

Info_Security_ITSEC

Stalker attacks Japanese pop singer – after tracking her down using reflection in her eyes

A Japanese man indicted on Tuesday for allegedly attacking a 21-year-old woman last month appears to have found where his victim lived by analyzing geographic details in an eye reflection captured in one of her social media photos. According to Japanese broadcaster NHK, Hibiki Sato, 26, located the woman's residence by matching the reflected image of a train station she frequented to a Google Street View image and waiting for her so he could follow her and find where she lived.