Personal details of 21M SuperVPN, GeckoVPN users leaked on Telegram
In total, the database contains 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN which is now available for free download on several different Telegram groups. On May
Threat Advisory: Critical F5 BIG-IP Vulnerability
Summary A recently disclosed vulnerability in F5 Networks’ BIG-IP could allow an unauthenticated attacker to access the BIG-IP system to execute arbitrary system commands, create and delete files, disable services
Spain's Spy Chief Sacked Over Pegasus Scandal
The National Intelligence Center reportedly used Pegasus to spy on leaders of the Catalan independence movementRead More: https://www.infosecurity-magazine.com/news/spains-spy-chief-sacked-pegasus/
State to gain more ability to monitor DOD cyber ops under White House agreement
Written by Suzanne Smalley May 10, 2022 | CYBERSCOOP The Biden administration has forged a new agreement under which the State Department will have more ability to weigh in on
UK, EU, US formally blame Russia for Viasat satellite hack before Ukraine invasion
Written by AJ Vicens May 10, 2022 | CYBERSCOOP The European Union and the United Kingdom formally blamed the Russian government for the Feb. 24 hack of satellite modems in
Ransomware has gone down because sanctions against Russia are making life harder for attackers
The number of ransomware attacks has gone down in recent months because sanctions against Russia are making it harder for cyber criminals to organise attacks and receive ransom payments, Rob
Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service
Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in the ESTsecurity Corp.’s Alyac antivirus software that could cause
The Value of Smart Contracts and the Technology Opportunity Behind Them
Smart contracts are increasingly becoming a popular alternative to traditional contracts for businesses looking to automate when provisions of an agreement are executed. The goal is to reduce manual administration
Virtual patching: Your Guide to Hardening Defenses
“Make do and mend.” If you work in IT security, this slogan, from a pamphlet issued by the British government in 1943, probably resonates. In security, constant mending—i.e. patching, is
Microsoft: The ransomware world is changing, here's what you need to know
Microsoft has shone a spotlight on ransomware-as-a-service (RaaS), a style of criminal enterprise that relies on gig workers and is structured around profit-sharing to reduce risk borne by a single
Western Intelligence Blames Russia for Europe-Wide Cyber-Attack
EU, UK, US and other allies have attributed responsibility for the February attacks on comms firm Viasat to RussiaRead More: https://www.infosecurity-magazine.com/news/intelligence-russia-europe-cyber/
This AI Can Generate Unique and Free Bored Ape NFTs
The NFT market’s claim to fame is undoubtedly the Bored Apes Yacht Club yet someone is offering endless free versions of these rare collectibles, thanks to Artificial Intelligence (AI). Yannic
Patch Tuesday May 2022 – Microsoft Pledges Fixes and Improvements for Azure Synapse Pipeline and Azure Data Factory
As part of Patch Tuesday May, Microsoft has pledged to release improvements for both Azure Synapse Pipeline and Azure Data Factory. This announcement came shortly after Microsoft disclosed CVE-2022-29972, a
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released. Threat actors have started exploiting a critical bug in the application service provider F5’s BIG-IP modules after a
Government hackers made hundreds of thousands of stolen credit cards 'worthless' to crooks
A joint operation involving intelligence agency GCHQ and the Ministry of Defence took direct action against computer networks used by cyber criminals, helping to protect people against cyberattacks and also
Conti Ransomware Attack Spurs State of Emergency in Costa Rica
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks. Costa Rican President Rodrigo Chaves declared a state of national
#CYBERUK22: Jeremy Fleming Argues Offensive Capabilities Required to Be Global Cyber Power
Jeremy Fleming, director of GCHQ, says nations must be able to impose a cost on cyber-criminalsRead More: https://www.infosecurity-magazine.com/news/jeremy-fleming-offensive-cyber/
Don’t Underestimate the DCRat Malware!
An effective type of trojan malware that provides full backdoor access to Windows systems can be purchased for almost nothing on underground forums. It also appears that the backdoor malware,
Ransomware attack and COVID woes force this 150-year-old college to shut down
Lincoln College in Illinois will shut down permanently this week after financial woes caused by the pandemic were magnified by a ransomware attack last December. In a note posted on
Critical F5 BIG-IP Vulnerability Exploited by Hackers
Hackers have begun deploying malicious payloads by means of a critical vulnerability identified as CVE-2022-1388, which has an impact on numerous versions of all F5 BIG-IP modules. F5 issued patches
Lincoln College to Close Following Ransomware Attack
Lincoln College has a 19th-century history. Prior to Lincoln, Illinois, several locations were considered for the institution, but in December 1864, Lincoln was selected. The Lincoln campus has a student
Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breaches
An increasing number of businesses are adopting cloud applications and services and that means cyber criminals are targeting these services. Now, new advice has been issued to help firms secure
Scammer posed as cybersecurity chief in phishing email
A record number of scams have been removed from the internet as part of a scheme to help protect people from fraud and cybercrime. The National Cyber Security Centre (NCSC)
Critical Infrastructure Firms See Cyber-Attacks Surge
Most CNI providers have seen an increase in threats since Ukraine warRead More: https://www.infosecurity-magazine.com/news/critical-infrastructure-firms/
Researchers Find 31,000 FTSE 100 Logins on Dark Web
Over 80% of UK’s biggest firms are affectedRead More: https://www.infosecurity-magazine.com/news/researchers-31000-ftse-100-logins/
UK Government Security Experts Take Down 2.7 Million Scams
National Cyber Security Centre wants even closer public-private co-operationRead More: https://www.infosecurity-magazine.com/news/uk-government-security-experts-27/
Clearwater AI agrees to restrict sales of facial recognition technology
In a landmark settlement, facial recognition company Clearwater AI, known for downloading billions of user photos from social media and other websites to build a face-search database for use by
Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change. For about the price of a cup of Starbucks latte, a hacker is renting out a remote
Security Above and Beyond CNAPPs
Trend Micro – The cloud is driving transformative benefits for global organizations. But in rushing their applications and infrastructure into new computing environments, they’re also exposing business-critical data to new
Russian TV Schedules Hacked on Victory Day to Show Anti-War Messages
Hackers targeted Russian television channels’ program names right before Vladimir Putin’s speech on Victory Day to commemorate the defeat of Nazi Germany by the Soviet Union in WWII. Victory Day
Costa Rican president begins tenure with ransomware national emergency declaration
Written by AJ Vicens May 9, 2022 | CYBERSCOOP The new president of Costa Rica declared a national emergency over the weekend as fallout continues from a late-April ransomware attack.
Hackers Replace Russian TV Schedules During 'Victory Day' With Anti-War Messages
The hack affected several major networks, including Channel One, Rossiya-1 and NTV-PlusRead More: https://www.infosecurity-magazine.com/news/hackers-russian-tv-schedules/
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem. The FBI warned the global cost of business email compromise (BEC) attacks is $43
Agricultural Manufacturer AGCO Hit by Ransomware
The attack has impacted the firm’s operations during the crucial planting seasonRead More: https://www.infosecurity-magazine.com/news/agricultural-manufacturer-agco/
How to remove yourself from Internet search results and hide your identity
Go incognito. Getty Images/iStockphoto There is now a very thin line, easily broken, which separates our physical and digital identities. Social networks have evolved from the days of MySpace to
Microsoft's new cybersecurity service combines tech and human experts
Microsoft has unveiled a set of new managed cybersecurity services to help customers combat malware and other threats amid an ongoing cybersecurity skills crunch. Microsoft has created a new umbrella
National Emergency Declared by Costa Rica Following Conti Cyberattacks
Following cyber-attacks by the Conti ransomware organization on numerous government bodies, Costa Rican President Rodrigo Chaves has declared a national emergency. According to the BleepingComputer publication, Conti also published the
Beware: This cheap and 'homemade' malware is surprisingly effective
A powerful form of trojan malware that offers complete backdoor access to Windows systems is being sold on underground forums for the price of a cup of coffee – and
Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam
After the hijacking, hackers hosted the Mint Your Ferrari NFT scam on the luxury automaker’s official website. Italian luxury automobile manufacturer Ferrari’s official website was hacked to promote a fake
Information Leading to the Arrest of Conti Ransomware Co-Conspirators to be Rewarded
Conti ransomware is an extremely damaging malicious actor due to the speed with which encrypts data and spreads to other systems. The cyber-crime action is thought to be led by
Podcast: The State of the Secret Sprawl
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and
Caramel Credit Card Theft Is Becoming Increasingly Popular
A credit card stealing service is gaining traction, providing a simple and automated option for low-skilled threat actors to enter the realm of financial fraud. How Do Credit Card Skimmers
We Need To Stop Preparing For The Last War | ConnectWise CyberSEC 2022
Small and medium businesses are not safe from these attacks. Some affiliates are specialized in targeting the SMB segment, often using different initial vectors than for enterprises. Ransom is based
Treasury Sanctions Crypto Firm After North Korea’s $620m Heist
Blender.io is the first crypto mixing service to be hit Read More: https://www.infosecurity-magazine.com/news/treasury-sanctions-crypto-north/
London Police Warn of Crypto Muggings – Report
Criminals combine physical and digital techniquesRead More: https://www.infosecurity-magazine.com/news/london-police-warn-of-crypto/
US Government Offers $15m Reward for Info on Conti Actors
State Department turns up the heat on co-conspiratorsRead More: https://www.infosecurity-magazine.com/news/us-government-15m-reward-info/
Crypto mixer Blender sanctioned by US Treasury for involvement in $600m Ronin theft
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
Examining the Black Basta Ransomware’s Infection Routine
Trend Micro – Examining the Black Basta Ransomware’s Infection Routine Ransomware We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. By: Ieriz Nicolle Gonzalez, Ivan