Daily Cyber Brief
DOJ announces shutdown of pig butchering domains, hackers steal $300K from DraftKings, and threat actors are posing as crypto support chat to bypass MFA...

Cybersecurity
From the early 2000s to 2015, China’s hacking teams caused havoc for private companies and U.S. and allied governments. In a series of high-profile breaches, they poached government databases, weapon system designs and corporate IP. From the breach of the Office of…
The US Government Accountability Office (GAO) has warned that the time to act on securing the US's offshore oil and natural gas installations is now because they are under "increasing" and "significant risk" of cyberattack. A report to Congress looked at a network of "more than…
The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per…
An information-stealing Google Chrome browser extension named 'VenomSoftX' is being deployed by Windows malware to steal cryptocurrency and clipboard contents as users browse the web. This Chrome extension is being installed by the ViperSoftX Windows malware…
The County of Tehama, California, has started informing employees, recipients of services, and affiliates that their personal information might have been compromised in a data breach. The incident, Tehama County says, was identified on April 9, but the investigation into the…
The Justice Department announced on Monday that it seized seven domain names used in so-called “pig butchering” schemes, where cybercriminals develop relationships with victims before exploiting them. The U.S. Attorney’s Office for the Eastern District of Virginia said…
Sports betting company DraftKings said today that it would make whole customers affected by a credential stuffing attack that led to losses of up to $300,000. The statement follows an early Monday morning tweet saying that DraftKings was investigating reports [1, 2, 3, 4] of…
A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency. The threat actors abuse the Microsoft Azure Web Apps service to host a…
Cybercriminals are increasingly turning to a new Go-based information stealer named ‘Aurora’ to steal sensitive information from browsers and cryptocurrency apps, exfiltrate data directly from disks, and load additional payloads. According to cybersecurity firm SEKOIA…
Two Estonian nationals were arrested in Estonia on Sunday after being indicted in the U.S. for running a massive cryptocurrency Ponzi scheme that led to more than $575 million in losses. The defendants, 37-year-olds Sergei Potapenko and Ivan Turõgin, are accused of…