Recent Security News
-
Fire Sale: Zeppelin Ransomware Source Code Sells for $500 on Dark Web
January 5, 2024 at 04:53PM The source code and builder for the Zeppelin ransomware strain, previously considered defunct, were sold for $500 on a Russian cybercrime forum, prompting concerns about its potential revival. The buyer’s intent to reuse the code in a similar manner to previous cases is uncertain. The sale’s motive remains unclear, as…
-
US charged 19 suspects linked to xDedic cybercrime marketplace
January 5, 2024 at 04:19PM The U.S. Department of Justice concluded an international investigation into xDedic cybercrime marketplace, with 19 suspects charged. The marketplace facilitated fraudulent activities totaling over $68 million before its shutdown. Several suspects have been sentenced, others awaiting extradition. Two administrators were sentenced, and high-volume seller Dariy Pankov and prolific buyer Allen…
-
23andMe: ‘Negligent’ Users at Fault for Breach of 6.9M Records
January 5, 2024 at 04:03PM 23andMe denies liability for the leak of users’ genetic records due to credential stuffing, attributing blame to users’ negligent password practices. The company defends against alleged breach of privacy laws, highlighting security features available to users and minimal potential harm from the accessed data. The incident prompts considerations of shared…
-
BreachForums admin jailed again for using a VPN, unmonitored PC
January 5, 2024 at 03:08PM BreathForums admin Conor Fitzpatrick was re-arrested for violating pretrial conditions, including using an unmonitored computer and a VPN. He openly admitted to being the threat actor “Pompourin” and creating BreachForums to leak stolen data. Fitzpatrick was charged with theft and sale of sensitive personal information and will remain in custody.…
-
North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught
January 5, 2024 at 03:06PM TA444, a North Korean state-backed threat actor, has introduced “SpectralBlur,” a new macOS-targeting malware. It offers various capabilities, including file upload/download, shell execution, and command execution. This development underscores the group’s consistent generation of proprietary malware. The malware shares similarities with Lazarus Group’s tools, indicating a significant focus on macOS…