European police arrest a gang that hacked wireless key fobs.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 18 October 2022, 1430 UTC.  Content provided by "The Hacker News" via https://feedly.com.

Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fthehackernews.com%2Ffeeds%2Fposts%2Fdefault

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News

152K followers30 articles per week#security#tech

10

MOST POPULAR

European Police Arrest a Gang That Hacked Wireless Key Fobs to Steal Cars

Europol 31 Keyless

•

99by noreply@blogger.com (Ravie Lakshmanan) / 3h

Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking tool to steal cars without having to use a physical key fob. "The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away," Europol said in a press statement. The coordinated

Chinese 'Spyder Loader' Malware Spotted Targeting Organizations in Hong Kong

4 TTPs

•

85by noreply@blogger.com (Ravie Lakshmanan) / 3h

The China-aligned espionage-focused actor dubbed Winnti has set its sights on government organizations in Hong Kong as part of an ongoing campaign dubbed Operation CuckooBees. Active since at least 2007, Winnti (aka APT41, Barium, Bronze Atlas, and Wicked Panda) is the name designated to a prolific cyber threat group that carries out Chinese state-sponsored espionage activity, predominantly

Сryptocurrency and Ransomware — The Ultimate Friendship

by noreply@blogger.com (The Hacker News) / 39min

Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently most recommended. No one can argue that 2020 was the year of ransomware in the cyber world

YESTERDAY

Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software

65by noreply@blogger.com (Ravie Lakshmanan) / 8h

HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4

8 TTPs

•

77by noreply@blogger.com (Ravie Lakshmanan) / 1d

•

Qakbot Brute Ratel

The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week. The

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages

Microsoft 365 Encryption

•

100+by noreply@blogger.com (Ravie Lakshmanan) / 1d

New research has disclosed what's being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. "The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation," Finnish cybersecurity company WithSecure said in a report published last week. Office 365

Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter

48by noreply@blogger.com (The Hacker News) / 1d

Don’t let the ongoing “crypto winter” lull you into a false sense of cybersecurity. Even as cryptocurrencies lose value — and some crypto companies file for bankruptcy — cryptojacking still poses an urgent threat to enterprises across industries, from financial services to healthcare to industry 4.0 and beyond. Broadly speaking, cryptojacking is defined as the unauthorized and illegitimate use

New Prestige Ransomware Targeting Polish and Ukrainian Organizations

Microsoft Ukraine Poland

•

75by noreply@blogger.com (Ravie Lakshmanan) / 1d

A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. "The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper)," the Microsoft

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite

38by noreply@blogger.com (Ravie Lakshmanan) / 1d

Zimbra has released patches to contain an actively exploited security flaw in its enterprise collaboration suite that could be leveraged to upload arbitrary files to vulnerable instances. Tracked as CVE-2022-41352 (CVSS score: 9.8), the issue affects a component of the Zimbra suite called Amavis, an open source content filter, and more specifically, the cpio utility it uses to scan and extract

OCT 16

INTERPOL-led Operation Takes Down 'Black Axe' Cyber Crime Organization

INTERPOL Black Axe

•

100+by noreply@blogger.com (Ravie Lakshmanan) / 1d

The International Criminal Police Organization, also called the Interpol, has announced the arrests of 75 individuals as part of a coordinated global operation against an organized cybercrime syndicate called Black Axe. "'Black Axe' and other West African organized crime groups have developed transnational networks, defrauding victims of millions while channeling their profits into lavish

END OF FEED