3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals

December 20, 2023 at 04:03AM The international police operation HAECHI-IV led to the arrests of 3,500 individuals in 34 countries, targeting financial crimes including voice phishing, romance scams, and investment fraud, and seizing $300 million. Authorities also froze 82,112 suspicious bank accounts, confiscating $199 million in hard currency and $101 million in virtual assets. Novel …

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

December 19, 2023 at 02:51AM The 8220 Gang exploits a high-severity flaw in Oracle WebLogic Server (CVE-2020-14883) to propagate its cryptojacking malware, relying on known security flaws for distribution. Imperva documented recent attack chains targeting the healthcare, telecommunications, and financial services sectors in multiple countries. The group relies on simple, publicly available exploits and constantly evolves …

Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks

December 18, 2023 at 05:14PM Microsoft’s Digital Crimes Unit disrupted the Storm-1152 cybercrime-as-a-service provider that fraudulently created and sold over 750 million Microsoft accounts, generating millions in illicit profits. The group utilized fake profiles, automated criminal activities, and bypassed security measures like CAPTCHAs. Microsoft identified the main operators and shut down Storm-1152’s US-based infrastructure. The …

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

December 9, 2023 at 07:12AM Researchers from Vrije Universiteit Amsterdam disclosed a new side-channel attack called SLAM, exploiting a feature in Intel, AMD, and Arm CPUs. The exploit, an end-to-end Spectre-based attack, allows leakage of sensitive data from kernel memory. Intel, AMD, and Arm are working on mitigations, while existing and future CPUs are affected. …

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

December 8, 2023 at 05:36AM A new Trojan-Proxy malware targeting macOS users is spreading via pirated software from unauthorized websites. Kaspersky uncovered a cross-platform threat that also affects Windows and Android. The malware, disguised as legitimate software, uses .PKG installers with malicious scripts. It aims to use infected devices as proxy servers for criminal activities. …

UK and allies expose Russian FSB hacking group, sanction members

December 7, 2023 at 11:40AM The UK and US warn of Russian state-aligned Callisto Group’s global spear-phishing attacks targeting data and credentials. Active since 2015, Callisto employs sophisticated social engineering and cyber tactics, recently shifting techniques to evade detection. Two group members have been sanctioned for undermining UK democracy. Meeting Takeaways: 1. The Russian state-backed …

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

December 7, 2023 at 07:00AM A severe Bluetooth flaw (CVE-2023-45866) allows unauthorized control over Android, Linux, macOS, and iOS devices via keystroke injection without user permission, affecting devices since Android 4.2.2. The flaw was discovered by Marc Newlin; no specialized hardware is needed for exploitation, and full technical details are pending release. Meeting Key Takeaways – Critical Bluetooth …

Hackers Claim to Breach Israeli Defense Force Medical Data

December 5, 2023 at 01:55PM A hacker group, Malek Team, claimed to have stolen 500GB of data from Israel’s Ziv Medical Center, affecting 100,000 IDF records. Confirmed by the center on Nov. 27, the breach includes patients’ details and medical information. Previously, the group targeted Ono Academic College. Cyberattacks on Israeli medical facilities are rising. …

US warns Iranian terrorist crew broke into ‘multiple’ US water facilities

December 4, 2023 at 06:36PM Iran-linked cyber group CyberAv3ngers, tied to the IRGC, exploited default passwords to attack US water systems that use Israeli PLCs, as warned by multiple US agencies. No operational impact on water safety was reported. Agencies advise against exposing PLCs online and against using default passwords. Meeting Takeaways: 1. Iranian cybercriminals, associated with …

Stealthier version of P2Pinfect malware targets MIPS devices

December 4, 2023 at 05:05PM New variants of the P2Pinfect botnet target 32-bit MIPS processor devices, exploiting weak credentials and using sophisticated evasion techniques. Initial focus was on Redis servers, but the scope has expanded to include routers and IoT devices globally. Objectives of the malware operators remain unclear. Meeting Takeaways: Focus on P2Pinfect Botnet …