Daily Cyber Brief
TikTok denies allegations that it's been hacked, Cloudflare blocks Kiwi Farms over an 'immediate threat to human life', and QNAP patches a 0-day used in Deadbolt attacks...
Cybersecurity
China on Monday accused Washington of breaking into computers at a university that U.S. officials say does military research, adding to complaints by both governments of rampant online spying against each other. Northwestern Polytechnical University reported…
TikTok is denying reports that it was breached after a hacking group posted images of what they claim is a TikTok database that contains the platform’s source code and user information (via Bleeping Computer). In response to these allegations, TikTok said its team “found no…
The actor was raising money for charity by selling non-fungible tokens (NFTs). This is a news that is not going to help the reputation of the crypto industry much. It must even be said that it will tarnish the image of this young industry which tries to attract the masses by trying to…
A transnational sextortion ring was uncovered and dismantled following a joint investigation between Interpol's cybercrime division and police in Singapore and Hong Kong. Interpol says that 12 suspects believed to be core members of this criminal organization were arrested in…
Threat actors stole Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the Associated Press (AP) has reported. The breach was alledgedly caused by third-party vendor Overby-Seawell, a firm providing multiple…
Cloudflare, a website security and hosting provider, announced on Saturday that it had blocked Kiwi Farms, an online forum known for hateful content. In a post on Cloudflare’s blog, the company said Kiwi Farms posed an “immediate threat to human life,” citing an…
QNAP is warning customers of ongoing DeadBolt ransomware attacks that started on Saturday by exploiting a zero-day vulnerability in Photo Station. The company has patched the security flaw but attacks continue today. "QNAP® Systems, Inc. today detected the…
A new Phishing-as-a-Service (PhaaS) named EvilProxy (also known as Moloch) was seen for sale in dark web forums, according to the Resecurity team. "EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA [two-factor authentication] – proxifying…
Hackers caused a major traffic jam in Moscow after exploiting the Russian ride-hailing app, Yandex Taxi, to summon dozens of taxis to the same location at the same time (via Vice). The attack occurred on September 1st and had traffic heading towards Kutuzovsky Prospect…
A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro. The ransomware infection, which was triggered in…