Daily Cyber Brief
Evil Corp shifts tactics amid sanctions, a Chinese hacking group gains access via app updates, and the Industrial Spy group now hacks corporate websites to display ransom notes...

Cybersecurity
Government-run surveillance cameras around Iran's capital reportedly were “disrupted” Thursday, while an exile group claimed it hacked into over 5,000 cameras around Tehran ahead of commemoration of the death of the founder of the Islamic Republic…
Sanctions that the US government imposed on Russia-based crimeware gang Evil Corp in 2019 appear to have forced the threat actor to change tactics to remain in the cybercrime business. New research into the group's activity by Mandiant shows that after the sanctions…
Tech manufacturing giant Foxconn said its factory in Mexico is slowly returning to normal after a ransomware attack crippled the facility in May. The LockBit ransomware group claimed to have attacked the company’s offices in Tijuana last month. They threatened to…
An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices. "Control over firmware…
A ransomware gang is taking extortion to a new level by hacking corporate websites to publicly display ransom notes. This new extortion strategy is being conducted by Industrial Spy, a data extortion gang that recently began using ransomware as part of their attacks…
The malware known as Clipminer has earned cyberattackers $1.7 million in cryptocurrency mining and theft via clipboard hijacking so far – and it shows no signs of abating. The Clipminer Trojan, which sports numerous similarities to the KryptoCibule cryptomining…
The threat actor known as SideWinder has added a new custom tool to its arsenal of malware that's being used in phishing attacks against Pakistani public and private sector entities. "Phishing links in emails or posts that mimic legitimate notifications and services of…
The ten most prolific Android mobile banking trojans target 639 financial applications that collectively have over one billion downloads on the Google Play Store. Mobile banking trojans hide behind seemingly benign apps like productivity tools and games and commonly…
A Chinese-speaking hacking group known as LuoYu is infecting victims with WinDealer information stealer malware, deployed by switching legitimate app updates with malicious payloads in man-on-the-side attacks. To do that, the threat actors actively monitor their…
Canadian investigators determined that users of the Tim Hortons coffee chain's mobile app "had their movements tracked and recorded every few minutes of every day," even when the app wasn't open, in violation of the country's privacy laws. "The Tim Hortons app asked for…