Daily Cyber Brief

4/18/22

Cybersecurity

Currency.com boss: ‘Russia cyberattacked us hours after we quit’

When the London-based billionaire Viktor Prokopenya decided to stop his cryptocurrency exchange group Currency.com serving clients in Russia last week, he did not realise how rapidly the backlash would arrive. Within minutes of the announcement came a torrent of…

Malawi Police Accused of Hacking Website of Investigative Media Organization

The Media Institute of Southern Africa in Malawi (MISA-Malawi), a watchdog group, has accused the Malawi Police Service of hacking a website for the Platform for Investigative Journalism. The accusation comes after the media organization said Thursday that its…

U.S. offers $5 million for info on North Korean cyber operators

The State Department announced Friday that it is offering a reward of up to $5 million for information about North Korean digital operations that help keep the regime afloat and fund its weapons programs. The department’s Rewards for Justice program will issue the money…

Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans

The North Korean-linked Lazarus group sent fake job offers to targets in the chemical sector and information technology firms, which — when opened — install Trojan horse programs to collect information and send it back to the attackers, technology provider…

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. "An attacker abused stolen OAuth user…

Karakurt revealed as data extortion arm of Conti cybercrime syndicate

After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation. The Conti ransomware…

Ransomware groups go after a new target: Russian organizations

In many ransomware incidents, Russia-linked actors often play the role of attacker rather than the victim. But in recent weeks, cyberattacks have crippled Russian companies and disrupted government agencies. Late last month, a ransomware gang by the name of OldGremlin…

Google Emergency Update Fixes Chrome Zero-Day

Google fixed two vulnerabilities in its Chrome web browser as part of an emergency update this week, including a type confusion vulnerability that is already being exploited in the wild. The type confusion vulnerability (CVE-2022-1364) impacts the JavaScript and…

New Industrial Spy stolen data market promoted through cracks, adware

Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, as well as offering free stolen data to its members. While stolen data marketplaces are not new, instead of extorting companies and scaring them with GDPR…

T-Mobile customers warned of unblockable SMS phishing attacks

An ongoing phishing campaign targets T-Mobile customers with malicious links using unblockable texts sent via SMS (Short Message Service) group messages. The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) issued a warning after multiple…

Daily Cyber Brief

4/18/22

Cybersecurity

Join the conversation

Overt Operator