Clop gang partners laundered $500 Million in ransomware payments
thehackernews.com/2021/06/clop-gang-members-laundered-500-million.html The cybercrime ring that was apprehended last week in connection with Clop (aka Cl0p) ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. While the bust was seen as a major blow to the operations of the Clop gang, the hackers published earlier this week a fresh batch of confidential employee records stolen from a previously unknown victim on their dark web portal, raising the possibility that the arrested suspects may have been affiliates who play a lesser role in the operations.
Using VMs to hide ransomware attacks is becoming more popular
therecord.media/using-vms-to-hide-ransomware-attacks-is-becoming-more-popular/ In early 2020, security researchers were baffled to discover that a ransomware gang had come up with an innovative trick that allowed it to run its payload inside virtual machines on infected hosts as a technical solution that bypassed security software.
Microsoft signed a malicious Netfilter rootkit
www.gdatasoftware.com/blog/microsoft-signed-a-malicious-netfilter-rootkit What started as a false positive alert for a Microsoft signed file turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP.
The Ghosts of Mirai
www.fortinet.com/blog/threat-research/the-ghosts-of-mirai It has been almost five years since the source code of the notorious MIRAI IoT malware was released to the public by its author in late 2016. This event led to the emergence of numerous copycats, creating their own flavors of IoT botnet armies. Although improvements have been constantly added since then by various threat actors, the structure and goal of the campaigns have remained the same.
Mercedes-Benz data breach exposes SSNs, credit card numbers
www.bleepingcomputer.com/news/security/mercedes-benz-data-breach-exposes-ssns-credit-card-numbers/ The data breach exposed credit card information, social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers.
Gaming industry under siege from cyberattacks during pandemic
www.welivesecurity.com/2021/06/24/gaming-industry-under-siege-cyberattacks-pandemic/ During the COVID-19 pandemic, the gaming industry has seen greater growth in cyberattacks than any other industry, according to content delivery network (CDN) provider Akamai. Web application attacks against gaming companies rose by 340 percent between 2019 and 2020 and by as much as 415 percent between 2018 and 2020.
Zyxel firewalls and VPNs under active cyberattack
thehackernews.com/2021/06/watch-out-zyxel-firewalls-and-vpns.html Zyxel is warning customers of an ongoing attack targeting a “small subset” of its security products such as firewall and VPN servers.
Cisco ASA Bug Now Actively Exploited
threatpost.com/cisco-asa-bug-exploited-poc/167274/ In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter.
Windows 11 won’t work without a TPM
www.bleepingcomputer.com/news/microsoft/windows-11-wont-work-without-a-tpm-what-you-need-to-know/ Today, Microsoft announced the system requirements to upgrade or install Windows 11 and included a new PC Health Check tool that you can use to check if your hardware is compatible with Windows 11. With Windows 11, Microsoft has brought security to the forefront by requiring a TPM to be installed.
AWS Has Acquired Encrypted Messaging Service Wickr
techcrunch.com/2021/06/25/aws-is-buying-encrypted-messaging-service-wickr/ Amazon’s cloud services giant Amazon Web Services (AWS) is getting into the encrypted messaging business. The company has just announced that it has acquired secure communications service Wickr, a messaging app that has geared itself towards providing services to government and military groups and enterprises. It claims to be the only “collaboration service” that meets security criteria set out by the NSA.
Scammers impersonating banks have already stolen 5 million euros this year
www.kauppalehti.fi/uutiset/pankkien-nimissa-huijattu-tana-vuonna-jo-5-miljoonaa-euroa-poliisi-neuvoo-miten-huijauksen-voi-havaita/0f063943-7527-4616-b454-355f471c583e Police warn of a growing crime phenomenon in which criminals phish for online banking credentials using fake sites that resemble banks' websites. Victims most often end up on these fake sites, which look like online banks, either through a text message or email sent in the bank's name or through web search engine results.