IT Security Newsletter - 5/2/2022
U.S. DoD tricked into paying $23.5 million to phishing actor
The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD). The fraudster managed to divert to his personal bank account DoD funds destined for a jet fuel supplier. After an eight-day trial in Camden, California, Oyuntur was found guilty of conspiracy to commit wire, mail, and bank fraud, unauthorized device access, and other charges. READ MORE...
Spain: 2021 Spyware Attack Targeted Prime Minister's Phone
Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation. Prime Minister Pedro Sánchez's mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles' device was targeted once the following month, Presidency Minister Félix Bolaños said Monday in a hastily convened news conference. READ MORE...
Bad Actors Are Maximizing Remote Everything
The rise of remote work and learning opened new opportunities for many people - as we've seen by the number of people who have moved to new places or adapted to "workcations." Cybercriminals are taking advantage of the same opportunities - just in a different way. Evaluating the prevalence of malware variants by region reveals a sustained interest by cyber adversaries in maximizing the remote work and learning attack vector. READ MORE...
REvil ransomware returns: New malware sample confirms gang is back
The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. In October, the REvil ransomware gang shut down after a law enforcement operation hijacked their Tor servers, followed by arrests of members by Russian law enforcement. However, after the invasion of Ukraine, Russia stated that the US had withdrawn from the negotiation process regarding the REvil gang. READ MORE...
Data-wiper malware strains surge as Ukraine battles ongoing invasion
Security researchers have detailed six significant strains of data-wiping malware that have emerged in just the first quarter of 2022, a huge surge over previous years. This increase coincides with the invasion of Ukraine, and all of these wipers have been used against that state's infrastructure and organizations. One of the wipers also took wind turbines in Germany offline, satellite communication modems in Ukraine seemingly being the primary target in this specific attack. READ MORE...
55% of people rely on their memory to manage passwords
Bitwarden announced the results of its global password management survey, in advance of World Password Day on May 5th, 2022. While receptive to the importance of security, individuals continue to struggle with embracing password management habits that could better protect their data. In the US, 31% of respondents experienced a data breach in the last 18 months, as compared to 23% globally. READ MORE...
- ...in 1918, General Motors acquires the Chevrolet Motor Car Company.
- ...in 1929, classic rock guitarist/songwriter Link Wray (best known for his instrumental "Rumble") is born in Dunn, NC.
- ...in 1972, professional wrestler/action star Dwayne "The Rock" Johnson is born in Hayward, CA.
- ...in 2011, Al-Qaeda mastermind Osama bin Laden is shot and killed by Navy SEAL Team 6 in a raid on his compound in Abbottabad, Pakistan.