Daily Cyber Brief
WhatsApp files on dark web show millions of records for sale, Cuban ransomware raked in $60 million, and hundreds of scam predatory loan apps found on Apple and Google play store
In mid-November, a threat actor posting on a dark web forum claimed to have stolen the personal information of almost 500 million WhatsApp users. Now, Check Point Research (CPR) has published a new advisory analyzing the exposed files and confirming the leak…
The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. This is a follow-up to another advisory issued one year ago, which warned that…
Hundreds of predatory loan apps targeting people across Africa, Asia and Latin America have been available on Google Play and Apple App Store, garnering over 15 million collective downloads. Discovered by researchers at the cybersecurity firm Lookout, the apps include 35…
A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. CVE-2022-0543 is a critical vulnerability in Redis (Remote Dictionary Server) software with…
A cybercrime group based in Nigeria is targeting businesses in the United States and Western Europe with a plethora of scam emails as part of a larger campaign of business email compromise (BEC) attacks. Abnormal Security’s Crane Hassold told The Record that the group – named “Lilac Wolverine” – stood out to them among the thousands of BEC threat…
Brave Software announced that, as part of a global beta program, it is now displaying "privacy-preserving ads" in-between results shown by its web search engine to select users. All "private search ads" (as Brave calls them) shown by Brave Search throughout this beta test will be…
Colombian healthcare provider Keralty reported a ransomware attack on Sunday, which affected its systems as well as two of its subsidiaries: EPS Sanitas and Colsanitas. The attack has been reported on by Colombian news outlet El Tiempo, and would have disrupted the..
More than a dozen journalists and staff at the Salvadoran news outlet El Faro filed suit against the embattled Israeli spyware firm NSO Group on Wednesday, alleging that the company violated U.S. state and federal laws by enabling the illegal surveillance of their…
Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to…
The $26 million Series B brings the total raised by Pangea to $51 million and underscores a push by venture capital investors to bet on companies that help developers embed security services and APIs into their cloud applications. In addition to Google Ventures, Pangea…