Daily Cyber Brief
Interpol captured the head of a Nigerian BEC group, CISA adds 41 new vulnerabilities to be patched, and a new bug in Zoom allows for a zero-click RCE...

Cybersecurity
At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans. Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be…
Interpol said Wednesday that it struck a major blow against a cybercrime group known for business email compromise (BEC) scams aimed at stealing money from companies around the world. The international law enforcement agency announced that the cybercrime unit of…
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names. For a year now, threat actors have been using different versions of the same ransomware builder – “Chaos” – to attack governments, corporations…
A vulnerability chain discovered in Zoom's chat functionality can be exploited to allow zero-click remote code execution (RCE), threat hunters have revealed. Google's Project Zero uncovered an attack path that would allow cyber adversaries to silently force a victim to…
The Cybersecurity and Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws this week. The US federal agency has urged all organizations to remediate these vulnerabilities promptly to “reduce their exposure to…
New research into the inner workings of the stealthy BPFDoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. BPFDoor is a custom backdoor that has been used largely undetected for…
The Conti ransomware gang has published all of the data it stole during a January attack on the government servers of Linn County, Oregon. The group — which appears to be reorganizing itself, according to cybersecurity experts — released nearly 1,500 documents…
A new ransomware named ‘Cheers’ has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. VMware ESXi is a virtualization platform commonly used by large organizations worldwide, so encrypting them typically…
‘Ransomware with a cause’ has been detected in New Delhi, India. The cryptoviral extortion demands that people donate clothing to the homeless, provide children with food in branded pizza shops and offer financial assistance to those in urgent need of medical care…
Google on Tuesday announced the stable channel release of Chrome 102, which patches 32 vulnerabilities, including a critical flaw reported by an anonymous researcher. The critical security hole, tracked as CVE-2022-1853, has been described as a use-after-free bug affecting…