An unnamed Nigerian man has been arrested over his alleged role leading a cybercrime group that specialized in phishing and business email compromise (BEC). The arrest, announced on Wednesday by Interpol, is the result of an international operation involving law enforcement and several cybersecurity companies. In December 2021, Nigerian police arrested 11 people believed to be involved in BEC schemes.
Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief. The vpnMentor research team stumbled upon the files, which totaled 8.7 GB of data, on the messaging platform earlier this week, and noted that they "assume at least 30 million people had some of their data leaked." MGM Resorts did not respond to The Register's request for comment.
Yesterday, developers took notice of two hugely popular Python and PHP libraries, 'ctx' and 'PHPass' respectively, that had been hijacked, as first reported in the news by BleepingComputer. Both of these legitimate open source projects had been altered to steal developers' AWS credentials. Considering 'ctx' and 'PHPass' have together garnered over 3 million downloads over their lifetimes, the incident sparked much panic and discussion among developers.
Concern has been raised that a coordinated distributed denial-of-service (DDoS) attack from a malicious actor could be associated with the notorious ransomware-as-a-service (RaaS) group REvil. According to a report from Akamai's Security Intelligence Response Team (SIRT), the attack was aimed at one of Akamai's hospitality customers. It consisted of a simple HTTP GET request, with a message demanding payment to a Bitcoin (BTC) wallet in exchange for stopping the attack.
Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client software to version 5.10.0. Google Project Zero security researcher Ivan Fratric noted in a report that an attacker can exploit a victim's machine over a Zoom chat. The bug, tracked as CVE-2022-22787, has a CVSS severity rating of 5.9. "User interaction is not required for a successful attack. The only ability an attacker needs is to be able to send messages to the victim," Ivan explained.
The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. The goal of the trojan is to send stolen login credentials to threat actors, who then use them to take control of other people's banking and cryptocurrency accounts and conduct financial or other forms of fraud.
The great thing about working in the world of cybersecurity is that there's always something new. You may think you've seen it all, and then something comes along that completely surprises you. And that's certainly true of the GoodWill ransomware, which security firm CloudSEK described this week. In fact, the GoodWill ransomware stands out so much from the crowd that you might be forgiven for thinking that it is an April Fool's joke that has somehow broken out at the wrong time of year.
Cisco's Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform. Open Automation Software is a US-based company that provides connectivity solutions for ICS or IoT devices, databases, and custom applications. The firm says its solutions are used by some of the world's biggest companies, including in the energy, defense, aerospace, healthcare, and water sectors.