Daily Cyber Brief

Open source software host Fosshost shutting down, Lazarus hacking group (DPRK) use fake crypto app to breach networks and steal crypto assets, and SIM swapper gets 18 months for crypto heist...

Cybersecurity

Open source software host Fosshost shutting down as CEO unreachable

Open source software hosting and cloud computing provider Fosshost will no longer be providing services as it reaches end of life. Fosshost project volunteers announced the development this weekend following months of difficulties in reaching the leadership…

Hackers use new, fake crypto app to breach networks, steal cryptocurrency

The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. According to a joint FBI…

SIM swapper gets 18-months for involvement in $22 million crypto heist

Florida man Nicholas Truglia was sentenced to 18 months in prison on Thursday for his involvement in a fraud scheme that led to the theft of millions from cryptocurrency investor Michael Terpin. The funds were stolen following a January 2018 SIM swap attack that…

FBI Director Raises National Security Concerns About TikTok

Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, “which allows them to manipulate content, and if they want to, to use it for influence operations.” He also asserted that China could use the app to collect data…

Rackspace: Ongoing Exchange outage caused by security incident

American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was caused by a security incident. The list of impacted services includes MAPI/RPC, POP, IMAP, SMTP…

Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks

Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks. BMC refers to a specialized service processor, a system-on…

Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages

Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform…

U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk

The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video…

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks…

U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service

A coordinated law enforcement effort has dismantled an online phone number spoofing service called iSpoof and arrested 142 individuals linked to the operation. The websites, ispoof[.]me and ispoof[.]cc, allowed the crooks to "impersonate trusted corporations…

Daily Cyber Brief

Open source software host Fosshost shutting down, Lazarus hacking group (DPRK) use fake crypto app to breach networks and steal crypto assets, and SIM swapper gets 18 months for crypto heist...

Cybersecurity

Join the conversation

Overt Operator