U.S. “laptop farm” shut down, Ukrainian computers compromised, Trump campaign hacked

Subscribe to Cyber Security Headlines podcast

Spotify, Apple Podcasts, RSS link, add as an Alexa Skill, or search "Cyber Security Headlines" on your favorite podcast app.

In today’s cybersecurity news…

U.S. operation of “laptop farm” for North Korea shut down

Tennessee resident Matthew Isaac Knoot has been arrested for allegedly running a ‘laptop farm’ to help North Korean IT workers secure remote jobs with American companies. Here’s how the scheme worked: Knoot would steal the identities of U.S. citizens and pose as U.S.-based IT professionals. Once the hire was made, the company would send the work laptop to Knoot’s home, and he then gave the North Koreans access to it, allowing them to log in remotely. If convicted, Knoot could face up to 20 years in prison, including a mandatory minimum of two years for aggravated identity theft.

(Security Week)

Over 100 Ukrainian government computers compromised

Attackers impersonating Ukraine’s Security Service (SSU) have compromised over 100 government systems using AnonVNC malware, according to the country’s emergency response team. These attacks began in mid-July and were executed via malicious spam emails containing links to a fake Documents.zip file, which instead downloaded a Windows installer MSI file from a compromised website. The malware allowed the threat group, tracked as UAC-0198, to covertly access and control the compromised systems.

(Bleeping Computer), (Dark Reading)

Trump campaign says they were hacked

Former President Donald Trump’s presidential campaign claims its emails were hacked a day after Microsoft issued a report about foreign agents attempting to interfere with the 2024 elections, which we first reported on Monday. The campaign suggests that Iranian actors were behind the hack with the intention of stealing and releasing sensitive internal documents, though no specific evidence has been provided to support these claims. Iran has denied any involvement when questioned about the attack by the United Nations. Multiple U.S. government agencies have stated they take these kinds of reports very seriously but have not provided any other details or insight.

(AP News)

200,000 affected in Arizona data breach

A data breach affecting hundreds of thousands at an Arizona tech school exposed nearly 50 types of personal information. The compromised data ranged from health information, including prescription numbers and mental or physical conditions, to financial details such as account and routing numbers. The attack, claimed by the LockBit ransomware gang, affected over 200,000 current and former students, staff, and parents in the January incident.

(The Register)

Thanks to today’s episode sponsor, ThreatLocker


Global cybercrime treaty sparks controversy

Nearly 200 nations have approved the U.N. Convention against Cybercrime, which aims to combat internet-related crimes, including hacking and online child exploitation. However, the treaty is raising concerns about potential human rights violations, as it allows governments significant leeway in electronic surveillance and bypassing privacy safeguards. Critics, including civil rights groups and tech companies, argue the vague language could enable repressive regimes to abuse the treaty, while supporters like the Biden administration believe it strikes a necessary balance between law enforcement and human rights. The convention is expected to pass the U.N. General Assembly and would become law after approval by 40 nations.

(Security Week)

Windows bug can instantly crash your system with no fix in sight

The blue screen of death (BSOD) is back, and it’s triggered by a bug in the Common Log File System (CLFS) across any recent Windows version, including Windows 10, 11, and Server 2022. Discovered by a Fortra researcher, the issue stems from improper validation of input data in the CLFS driver, making it possible to crash systems effortlessly. Despite being reported to Microsoft in December 2023, the vulnerability, labeled CVE-2024-6768, remains unpatched, leaving systems vulnerable. Windows Defender is flagging the proof of concept (PoC) exploit as malware, but until Microsoft releases a fix, there’s little that can be done.

(Dark Reading)

Ransomware gang goes for the gold (literally)

Australian gold mining company Evolution Mining reports a ransomware attack impacting their IT systems. The mining operation is one of Australia’s largest gold producers, contributing $1.6 billion to the national economy. While the incident did affect their IT systems, the company says they do not expect it to impact mining operations. As of this recording, no ransomware group has claimed responsibility for the attack.

(Bleeping Computer)

Millions on the line as AI teams advance in security challenge

Ninety teams competed at DEF CON over the weekend in the Artificial Intelligence Cyber Challenge hosted by the U.S. government’s Defense Advanced Research Projects Agency (DARPA) to develop autonomous tools that can find and fix vulnerabilities in open-source software. Twenty-two unique vulnerabilities were discovered in major open-source programs like the Linux kernel, with 15 automatically patched. The seven finalists are now tasked with building out their AI systems before the final competition at the 2025 DEF CON, with nearly $30 million up for grabs in prize money.

(CyberScoop)
