VW alleged data theft, Finland seizes Sipulitie, Calgary library cyberattack
In today’s cybersecurity news…
VW says IT infrastructure unaffected after alleged data theft
The 8Base ransomware group claims to have stolen valuable data from the Volkswagen Group’s systems. That data allegedly includes financial records, personal data, and personnel files. The Volkswagen Group owns car brands such as Volkswagen, Skoda, Seat, Audi, Lamborghini, Porsche, Cupra, and Bentley. A VW spokesperson said their IT infrastructure has not been affected and that they’re continuing to carefully monitor the situation. Although VW’s time is up according to 8Base’s website, the hackers do not appear to have leaked any of the stolen information to the public.
Finland seizes servers of ‘Sipulitie’ dark web market
On Tuesday, the Finnish Customs office announced that it worked with international authorities to seize servers and the website for the ‘Sipulitie’ darknet marketplace. Criminals used the site to sell illegal narcotics to both Finnish and English-speaking users, and its operator claimed a turnover of 1.3 million Euros (approximately $1.42 million). The authorities said they were also able to uncover the identities of site administrators and moderators. Sipulitie launched in February 2023 after authorities seized its predecessor, ‘Sipulimarket’, which had raked in more than two million Euros.
Calgary Public Library services limited after cyberattack
The public library system, which runs 22 branches for the city’s 1.3 million residents, said Friday that a “cybersecurity breach” compromised some of its systems. The library closed early on Friday and powered down all servers and computers. The library expects all locations to return to normal hours today but said any services that rely on technology will remain unavailable. This means that online event registration, WiFi, eResources, and book return services will remain unavailable. The library did not say when they expect services to return to normal.
175 million Amazon customers now use passkeys
Amazon announced Tuesday that over 175 million customers are using passkeys, about a year after the company rolled the feature out. Passkeys are digital credentials tied to biometric controls or PINs and stored within a secure chip on devices such as phones, computers, and USB security keys. One drawback of passkeys is that they are not portable, meaning you can’t transfer them between devices or password managers.
However, that limitation is about to be addressed, as the FIDO Alliance has just announced a new specification that makes passkeys portable across different platforms and password managers. The FIDO Alliance estimates that 12 billion online accounts are now secured using passkeys. FIDO added that, by using passkeys over passwords, phishing has been reduced and credential reuse eliminated, while making sign-ins up to 75% faster and 20% more successful than passwords or passwords plus a second factor.
(Bleeping Computer and ZDNet)
Thanks to today’s episode sponsor, Conveyor
EDR red team tool used to bypass security
Researchers at Trend Micro have observed threat actors using an open-source red-team tool called EDRSilencer to identify endpoint security tools and mute their alerts to management consoles. This helps attackers evade detection to carry out successful attacks. EDRSilencer uses the Windows Filtering Platform (WFP) to monitor, block, or modify network traffic. The latest version of EDRSilencer detects and blocks 16 modern EDR tools. To defend against this threat, the researchers recommend implementing multi-layered security controls, using security solutions that provide behavioral analysis and anomaly detection, applying least privilege principles, and looking for indicators of compromise.
North Korean hackers targeting Linux systems in cyber heists
North Korean threat actors are using a new variant of malware known as “FASTCash” to carry out their cyber campaign. The malware modifies ISO 8583 transaction messages used in debit and credit card transactions to initiate unauthorized withdrawals and can even manipulate transactions that have been declined due to insufficient funds. The fraudulent withdrawals are in Turkish currency ranging from 12,000 to 30,000 lira ($350 to $875). The malware has been around since 2018 but has been newly updated to target Linux systems. The Cybersecurity and Infrastructure Security Agency (CISA) recommends implementing chip and PIN requirements for debit cards, verifying message authentication codes for financial transactions, and performing authorization validation for chip and PIN transactions.
Nearly 400 U.S. healthcare institutions hit with ransomware over past 12 months
On Tuesday, Microsoft released a report revealing that between July 2023 and June 2024, 389 U.S.-based healthcare institutions were successfully hit with ransomware. The attacks caused network and system outages, delays in critical medical operations, and rescheduled appointments. Microsoft customers reported a 2.75x increase in human-operated ransomware encounters. The researchers said that the motives of Russian, North Korean and Iranian cybercriminals appear to have shifted from destruction to financial gain. The report did yield some positive news, showing that the percentage of ransomware attacks that reached the encryption stage has decreased significantly over the past two years.
(The Record and The Register)
Hong Kong police bust fraudsters using deepfakes in romance scams
Hong Kong police have arrested 27 people for allegedly carrying out romance scams using deepfake face-swapping technology. The scheme amassed roughly $46 million from victims in Hong Kong, mainland China, Taiwan, India and Singapore. Authorities said the scammers made contact with victims via social media platforms and lured them in using AI-generated photos of attractive individuals. They then turned to deepfake technology when victims requested video calls. Police seized computers, mobile phones, luxury watches and over $25,000 in suspected crime proceeds from the operation’s headquarters.