Zeppelin Ransomware Targets Healthcare and IT Companies
A new variant of the VegaLocker/Buran Ransomware called Zeppelin has been spotted infecting U.S. and European companies via targeted installs. This family first started out as VegaLocker and then was renamed to Buran Ransomware, where it was promoted as Ransomware-as-a-Service (RaaS) in May 2019 on Russian malware and hacker forums. Affiliates who joined the RaaS would earn 75% of the ransom payment, while the Buran operators would earn 25%.
Smart Krampus-3PC Malware Targets iPhone Users
A malicious web redirect campaign affecting iPhone users has impacted more than 100 publisher websites, including online newspapers and international weekly news magazines. According to The Media Trust’s Digital Security & Operations (DSO) team, iPhone users visiting any of the impacted websites were redirected in a recent malvertising campaign via a multistage process, to eventually land on a fraudulent popup masquerading as a grocery store reward ad.
Serious Security Flaws Found in Children’s Connected Toys
Various connected toys for children – hot off the shelves from this holiday shopping season – have been found with deep-rooted security issues, including missing authentication for device pairing and a lack of encryption for connected online accounts. The research, formed by a partnership between consumer group Which? and researchers at NCC Group, tested various smart toys available from big-named brands including Spinmaster, Vtech and Mattel.
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike.
