A hacker accused of selling hundreds of millions of stolen credentials from last year's "Collection 1" data dump on the dark web has been arrested in Ukraine. The Security Service of Ukraine (SSU) took into custody a threat actor known as "Sanix," who they claim posted 773 million e-mail addresses and 21 million unique passwords on a hacker forum last year, according to a press release. The SSU said it worked with the Ukrainian cyber police and National Police on the investigation.
Customers who used the Home Chef delivery service won't be the first to know their data was stolen and put up for sale. Nearly two weeks after security researchers said they found usernames and passwords belonging to Home Chef users for sale, the Chicago-based company said a security incident has resulted in the compromise of information about an undisclosed number of its customers.
Japan is investigating a possible breach of sensitive defense contracting data following a cyberattack last year on electronics giant Mitsubishi Electric, officials said Wednesday. Data likely stolen in the hack, which Mitsubishi disclosed earlier this year, included specifications of hypersonic missile prototypes that Japan is developing, according to a report in Asahi Shimbun, a Japanese newspaper.
A hacker has been taking justice into their own hands by targeting "scam" companies with ransomware and denial of service attacks. Last week a new ransomware was discovered called MilkmanVictory that a hacking group stated they created to attack scammers. In a conversation with BleepingComputer, the hacking group known as 'CyberWare' stated that they have started targeting companies performing what they call "loan scams."
LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page. "Should recipients fall victim to this attack, their login credentials to their LogMeIn account would be compromised. Additionally, since LogMeIn has SSO with LastPass as LogMeIn is the parent company, it is possible the attacker may be attempting to obtain access to this user's password manager," Abnormal Security noted.
A highly-targeted phishing attack pretends to deliver subpoenas, but actually ends up collecting victims' Office 365 credentials. The ongoing campaign has slipped by Office 365 and gateway security controls to hit several C-Suite level victims thus far. The phishing emails spoof the U.S. Supreme Court, aiming to capitalize on scare tactics to convince targets to click on an embedded link.
Video game companies are once again victims of the Winnti hacking group, who used new malware that researchers named PipeMon and a novel method to achieve persistence. PipeMon is a modular backdoor identified earlier this year on servers belonging to several developers of massively multiplayer online (MMO) games. Winnti activity has been detected as far back as 2011. Most of its victims are from the video game and software industry but the group also targeted healthcare and education organizations.
As businesses operate under the COVID-19 shutdown, they undergo forced digitalization. Many people are teleworking, exponentially expanding remote access loads. Organizations also experience disruption to the supply chain, business continuity/disaster recovery (BC/DR) issues, and ramped-up cyberattacks. How well they are able to navigate the new abnormal depends on where they fall in the network security continuum between a relatively closed or relatively open "zero-trust" environment.
As the well-worn internet saying goes - there is no cloud, it's just someone else's computer. It opens our coverage of the news last February that some Google Photos data had been inadvertently made accessible to the wrong users. Now Microsoft has suffered its own smaller version of the same phenomenon on the Office 365 platform (or Microsoft 365 as its business versions are now called).