Cybersecurity researchers have discovered two new tools used by a prolific hacking group known as FIN7, highlighting how, despite a law enforcement crackdown, the group appears to be thriving and making a lot of money in the process. The Eastern European hacking crew, which researchers say has stolen over $1 billion from victims in recent years, is using a new “dropper” to deliver its malicious code.
A 29-year-old cybercriminal assumed the guise of a prominent California video-game developer and eSports tournament organizer to throw authorities off his cryptomining track, according to an indictment unsealed on Wednesday. Matthew Ho, a citizen of Singapore, allegedly used the developer’s stolen identity and credit-card information to open multiple cloud accounts at Amazon Web Services, and then proceeded to use the computing resources to mine cryptocurrency, including Bitcoin and Ethereum.
Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free. Since August 2019, the Nemty Ransomware has been utilizing a variety of distribution methods to infect victims and encrypt their files. The good news is that victims finally get to fight back as researchers from the security firm Tesorion have created a decryptor that works on Nemty versions 1.4 and 1.6, with 1.5 coming soon.
Some types of two-factor authentication (2FA) security can no longer be guaranteed to keep the bad guys out, the FBI is reported to have warned US companies in a briefing note circulated last month. FBI reporting identified several methods cyber actors use to circumvent popular multi-factor authentication techniques in order to obtain the one-time passcode and access protected accounts.
A security flaw, discovered in an open-source software program that is a key component of HP’s TouchPoint Analytics service, is opening up a wide swath of HP computers to attack. The vulnerability, if exploited by local attackers with administrative privileges, can allow them to execute arbitrary code on victim systems. The affected software, Open Hardware Monitor, monitors temperature sensors, fan speeds, voltages, load and clock speeds of a computer.
A Japanese man indicted on Tuesday for allegedly attacking a 21-year-old woman last month appears to have found where his victim lived by analyzing geographic details in an eye reflection captured in one of her social media photos. According to Japanese broadcaster NHK, Hibiki Sato, 26, located the woman's residence by matching the reflected image of a train station she frequented to a Google Street View image and waiting for her so he could follow her and find where she lived.