Daily Cyber Brief
Prestige ransomware found targeting Poland and Ukraine, INTERPOL arrests Black Axe members, and almost 900 servers were hacked using Zimbra 0-day...

Cybersecurity
Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of “core technologies” and to become self-reliant in strategic tech. The speech marked a shift in president Xi's language…
INTERPOL has arrested over 70 suspected members of the 'Black Axe' cybercrime syndicate, with two believed to be responsible for $1.8 million in financial fraud. The suspects were arrested as part of 'Operation Jackal,' an international law enforcement operation between…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced RedEye, an open-source analytic tool that lets operators visualize and report command and control (C2) activity. RedEye is intended for both red and blue teams, providing an easy way to gauge data that…
Details have emerged about a now-patched security flaw in Windows Common Log File System (CLFS) that could be exploited by an attacker to gain elevated permissions on compromised machines. Tracked as CVE-2022-37969 (CVSS score: 7.8), the issue was…
A coordinated ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland this week with a previously unknown payload, researchers from Microsoft said Friday. The company’s Threat Intelligence Center said it observed the malware…
The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, tricked the DeadBolt ransomware gang into handing over 155 decryption keys by faking ransom payments. DeadBolt is a ransomware operation active since January and known for…
A man who lost $24 million in cryptocurrency in an elaborate SIM swapping scam has won a multi-million-dollar judgment against the thief, who was 15 at the time of the hustle. According to court documents [PDF] filed Friday in federal court in New York City, Ellis Pinsky…
Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability that was exploited as a zero-day, with no patch available, for nearly 1.5 months. The vulnerability, tracked as CVE-2022-41352, is a remote code execution flaw that allows…
Fortinet urges customers to urgently patch their appliances against a critical authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager that is being exploited in attacks. The company released security updates to address the flaw (CVE-2022-40684) last week and it…
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. Ducktail phishing campaigns were first revealed by researchers from…