A developer of TrickBot has pleaded guilty to developing malware used in many attacks. he Trickbot malware has been used in attacks against hospitals, companies and individuals worldwide, and has led to stolen personal info and stolen funds from victim bank accounts. The developer is facing a maximum of 36 years in prison. It is good to see someone being held accountable, but unfortunately It is a constant cat and mouse game.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #36/2023 is out! It includes the following and much more:
➝ 🇺🇸 ☁️ #Microsoft finally explains cause of #Azure breach: An engineer’s account was hacked
➝ 🎫 🔓 See Tickets says #hackers accessed customers’ payment data — again
➝ 🇳🇱 🔓 Chipmaker NXP Semiconductors confirms #databreach involving customers’ information
➝ 🇬🇧 🔓 #UK election body failed cybersecurity test before hack
➝ 🚮 🔓 #Freecycle confirms massive data breach impacting 7 million users
➝ 🇦🇺 🔓 University of #Sydney data breach impacts recent applicants
➝ 🇷🇺 🇺🇸 Wealthy Russian With #Kremlin Ties Gets 9 Years in #Prison for Hacking and Insider Trading Scheme
➝ 🇺🇸 ✈️ US Aeronautical Organization Hacked via #Zoho, #Fortinet Vulnerabilities
➝ 🇮🇷 🎣 Alert: #Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
➝ 🇺🇦 🇷🇺 #Ukraine's CERT Thwarts #APT28's Cyberattack on Critical Energy #Infrastructure
➝ 🎰 💸 #Crypto#casino Stake.com loses $41 million to hot wallet hackers
➝ 🇺🇸 🇬🇧 US, UK take action against members of the Russian-linked #Trickbot hacker syndicate
➝ 🚗 👀 25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
➝ 🇬🇧 👀 UK lawmakers back down on encryption-busting ‘spy clause’
➝ 🌏 Hundreds of thousands trafficked to work as online scammers in SE #Asia, says UN report
➝ 🇺🇸 ✍🏻 #CISA Hires @dotmudge to Work on Security-by-Design Principles
➝ 🇬🇧 🛒 Children's snack recalled after its website caught serving porn
➝ 🇸🇪 💰 Insurer fined $3M for exposing data of 650k clients for two years
➝ 🇷🇺 Elon Musk's erosion of safety standards at X is helping #Putin spread Russian propaganda, study finds
➝ 🇰🇵 North Korea-backed hackers target security researchers with 0-day
➝ 🎣 Researchers identify high-grade phishing kits attacking nearly 60,000 #Microsoft365 accounts
➝ 🇮🇳 🤖 #India warns of #malware attacks targeting its #Android users
➝ 🇨🇳 💬 Chinese-Speaking Cybercriminals Launch Large-Scale #iMessage Smishing Campaign in U.S.
➝ 💸 💌 Fake #YouPorn extortion #scam threatens to leak your sex tape
➝ 👤 #Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
➝ 🎣 🛡️ #Google is enabling #Chrome real-time phishing protection for everyone
➝ 📱🧨 Hacking device #FlipperZero can spam nearby #iPhones with #Bluetooth pop-ups
➝ 🩹 🍏 #Apple patches “clickless” 0-day image processing #vulnerability in #iOS, #macOS
➝ 🩹 🔓 #AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
📚 This week's recommended reading is: "Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter" by Don Murdoch GSE, MSISE, MBA
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Scientology fights "right to repair" while Russia hijacks UN cybercrime treaty, a privacy research paper on the visually impaired, thoughts (and details) on Jill Biden's 2nd covid infection while the White House insists "we're in a better place," and more.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #35/2023 is out! It includes the following and much more:
➝ 🔓 🏌🏻♂️Golf gear giant #Callaway data breach exposes info of 1.1 million
➝ 🔓👕 Forever 21 data breach affects half a million people
➝ 🔓 🤦🏻♂️ #LogicMonitor customers hit by hackers, because of default passwords
➝ 🇺🇸 ⚖️ Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent #DataBreach
➝ 🎬 🔓 #Paramount discloses data breach following security incident
➝ 🏥 🔓 #Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs
➝ 🇺🇸 🌎 #Microsoft joins a growing chorus of organizations criticizing a #UN cybercrime treaty
➝ 🇺🇸 🦠 U.S. Hacks #QakBot, Quietly Removes Botnet Infections
➝ 🇷🇺 🇺🇦 #Russia targets #Ukraine with new Android #backdoor, intel agencies say
➝ 🇷🇺 🕵🏻♂️ Unmasking #Trickbot, One of the World’s Top Cybercrime Gangs
➝ 🇨🇳 👀 ‘Earth Estries’ #Cyberespionage Group Targets Government, Tech Sectors
➝ 🇨🇳 Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
➝ 💸 🇪🇺 Pay our ransom instead of a #GDPR fine, #cybercrime gang tells its targets
➝ 🇺🇸 🇨🇳 #Meta: Pro-Chinese influence operation was the largest in history
➝ 🇪🇸 📸 Spain warns of #LockBit Locker ransomware phishing attacks
➝ 🇵🇱 🚂 Two Men Arrested Following #Poland Railway Hacking
➝ 🇰🇵 🐍 #Lazarus hackers deploy fake #VMware PyPI packages in #VMConnect attacks
➝ 💸 #Classiscam fraud-as-a-service expands, now targets banks and 251 brands
➝ 💬 🎠 Trojanized #Signal and #Telegram apps on Google Play delivered spyware
➝ 🦠 📄 MalDoc in PDFs: Hiding malicious Word docs in PDF files
➝ 🇧🇷 👀 A Brazilian phone #spyware was hacked and victims’ devices ‘deleted’ from server
➝ 👨🏻💻 🔐 #GitHub Enterprise Server Gets New Security Capabilities
➝ 🚗 💰 Over $1 Million Offered at New #Pwn2Own#Automotive Hacking Contest
➝ 🩹 #Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence
➝ ⛏️ 🔓 Recent #Juniper Flaws Chained in Attacks Following #PoC Exploit Publication
📚 This week's recommended reading is: "Spam Nation: The Inside Story of Organized Cybercrime―from Global Epidemic to Your Front Door" by @briankrebs
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️