Cybercrime Magazine

Today's Top Cybersecurity News Stories.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 21 November 2022, 1419 UTC.  Content provided by "Cybercrime Magazine."

Source:  https://cybersecurityventures.com/cybercrime-news/

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Today’s Top Cybersecurity News Stories

From the Editors at Cybercrime Magazine

Our daily feed provides consumers and business, technology, financial, education and government professionals with the latest news to keep you on the cutting edge of cyber. If there’s something you should know about, then we’re on it.

TODAY

Powered by Cybercrime.News

Showing 1-25 of 2595
of 104
11/21/2022

Personal Data Of AirAsia Malaysia, Indonesia And Thailand Passengers Allegedly Leaked Due To Ransomware

Personal data belonging to 5 million AirAsia passengers via AirAsia Malaysia, AirAsia Indonesia and AirAsia Thailand may have been leaked after the airline was hit by a purported ransomware attack. It was alleged that AirAsia was a victim of a Daixin Team ransomware attack and the attackers have shared two CSV files which contain personal details of passengers and employees. From the sample data, the CSV file contains the passenger ID, full name (first, middle and last), booking ID, total cost of ticket. Meanwhile, the CSV for employee data contains a wide array of details including photos, secret questions, secret answers, birth city, birth state, birth country and nationality. Full Story

Source: SOYACINCAU
11/21/2022

Agencies Urge Health Sector To Protect Against Ransomware Threat

The FBI, Cybersecurity & Infrastructure Security Agency, (CISA) and Department of Health and Human Services Nov. 17 recommended actions to reduce the risk of compromise from Hive ransomware, which has victimized over 1,300 health care and other organizations since last June. “This joint advisory on the notorious ransomware-as-a-service gang known as Hive provides updated and actionable technical indicators of compromise that should be loaded into network defensive systems,” said John Riggi, American Hospital Association’s national advisor for cybersecurity and risk. "Without sustained offensive cyber operations by the U.S. government against these cyber gangs, defensive measures by the health care sector will have a limited effect in mitigating the public health and safety threat posed by their ongoing ransomware attacks.” Full Story

Source: American Hospital Association
11/21/2022

Microsoft: Royal Ransomware Group Using Google Ads In Campaign

The Royal Ransomware group used Google Ads in one of their campaigns of attacks, according to report from Microsoft’s Security Threat Intelligence team. The ransomware – which emerged in September and claimed a number of victims including the one of the most popular motor racing circuits in the UK – is being distributed by multiple threat actors. The researchers said in late October they discovered a “malvertising” campaign where the hackers used Google Ads to redirect users to a download site with malicious files. Microsoft said it reported the abuse of the traffic distribution system to Google. Recorded Future senior security architect Allan Liska said that while the Royal ransomware group is new, it appears to be made up of experienced hackers that previously worked as affiliates for other ransomware groups. Full Story

Source: The Record
11/21/2022

US Gov Cybersecurity Apprenticeship Sprint: 190 New Programs, 7,000 People Hired

The U.S government’s 120-day Cybersecurity Apprenticeship Sprint has come to an end. The initiative has resulted in more than 190 new cybersecurity programs and 7,000 apprentices getting hired. The sprint was launched in July by the White House, the Department of Labor and various other government agencies, as well as private sector partners. The goal was to promote the Registered Apprenticeship model for developing and training a skilled and diverse cybersecurity workforce. As a result of the initiative, the White House announced that 194 new Registered Apprenticeship programs have been approved or are in development. In addition, more than 7,000 apprentices, including 1,000 from the private sector, got a job. Full Story

Source: SecurityWeek
11/21/2022

Google Looking Outside The Usual Channels To Fix Security Skills Gap

Cybersecurity moves fast. New and bigger threats emerge all the time across an ever-expanding attack surface and there's not enough people to fill vacant jobs. Because of this, "not every organization is hyper-focused on the subject of diversity and inclusion," MK Palmore, a director in Google Cloud's Office of the Chief Information Security Officer, told The Register. Google Cloud recently partnered with Cyversity, a non-profit that seeks to bring more women and underrepresented minorities into infosec jobs. Palmore also sits on the Cyversity board of directors. And together with the SANS Institute and Palo Alto Networks, the org and the cloud giant announced the Cyversity SANS Diversity Academy, which will provide free education and training in an effort to place around 200 women and underrepresented minorities into cybersecurity jobs. Full Story

Source: The Register
11/19/2022

Investment Manager Arrested For $10 Million Cryptocurrency Ponzi Scheme

An Ohio man was arrested on criminal charges related to his alleged involvement in a cryptocurrency investment fraud scheme that raised at least $10 million from investors. Rathnakishore Giri, 27, of New Albany, allegedly misled investors by fraudulently promoting himself as an expert cryptocurrency trader, with a specialty in trading Bitcoin derivatives. Giri falsely promised investors that he would generate lucrative returns with no risk to their principal investment amount.. In reality, Giri often used money provided by new investors to repay old investors – a hallmark of a Ponzi scheme. Giri allegedly had a record of investment failures, including a long history of losing investors’ principal investments, and misled investors about reasons for delays when they sought to cash out their investments or otherwise obtain the return of their “guaranteed” principal. Giri is charged by indictment with five counts of wire fraud. If convicted, he faces a maximum penalty of 20 years in prison on each count. News Release

Source: U.S. Department of Justice
11/19/2022

Microsoft: Hackers Are Using This 'Concerning' Tactic To Dodge Multi-Factor Authentication

With multi-factor authentication use rising as attacks on passwords become more common, Microsoft has seen an increase in attackers using token theft in their attempts to sidestep MFA. In these attacks, the attacker compromises a token issued to someone who's already completed MFA and replays that token to gain access from a different device. Tokens are central to OAuth 2.0 identity platforms, including Azure Active Directory (AD), which aim to make authentication simpler and faster for users, but in a way that's still resilient to password attacks. Microsoft warns that token theft is dangerous because it doesn't require high technical skills, detection is difficult and, because the technique has only recently seen an uptick, few organisations have mitigations in place. Full Story

Source: ZDNet
11/19/2022

CertiK Investigates KYC Actors Hired To Scam The Web3 Community

Blockchain and decentralized finance (DeFi) focused security platform Certik’s investigation led to the discovery of the professional “KYC actors” who bypass KYC processes to scam crypto communities, according to a Nov. 17 Certik blog post. A KYC actor is defined as an individual who rogue developers hire to spoof the KYC process on crypto projects or exchanges to lurk and gain trust among the crypto community before an insider hack or exit scam. Certik uncovered tactics used to carry out hacks and exit scams from an interview with a KYC actor and through probing into activities taking place in over 20 over-the-counter (OTC) underground markets, mainly concentrated on Telegram, Discord, low-requirement phone-based applications, and job advertisements. Full Story

Source: CryptoSlate
11/19/2022

South Korea Seizes $104M From Terra Co-Founder Suspecting Unfair Profits

While crypto exchange FTX stole the limelight from other fallen ecosystems, South Korean authorities continue their efforts to bring closure to the victims of the year’s first crypto crash — Terraform Labs. Nearly six months after the Terra (LUNA) blockchain was officially halted, South Korean authorities froze approximately $104.4 million (140 billion won) from co-founder Shin Hyun-seong based on suspicion of unfair profits. The claim related to Shin’s involvement in selling pre-issued Terra tokens to unwary investors. Based on suspicion of profiting from unwarranted LUNA sales, the Seoul Southern District Court froze the allegedly stolen funds until further investigations are underway, reported local news media YTN. Full Story

Source: Cointelegraph
11/19/2022

Estonia's Eesti Energia Website Down After Pro-Kremlin Cyberattack

The website and online channels of state electricity generator Eesti Energia and some of its related companies are offline following a large-scale denial of service attack thought to have been conducted by pro-Kremlin hackers. The attack has affected Eesti Energia's site and mobile app, and also grid maintenance firm Elektrilevi's website, and its MARU mobile app, ERR reports, while one government ministry, the central bank and several other key state sites have also been hit by attacks, though with less success. The incidents coincided with similar and simultaneous attacks on key sites in Latvia, Poland and Ukraine. Eesti Energia AS is a public limited energy company in Estonia with its headquarters in Tallinn, Estonia. Full Story

Source: ERR.ee
11/18/2022

Meta Employees, Security Guards Fired For Hijacking User Accounts

Meta Platforms Inc. has fired or disciplined more than two dozen employees and contractors over the last year whom it accused of improperly taking over user accounts, in some cases allegedly for bribes, according to people familiar with the matter and documents viewed by The Wall Street Journal. Some of those fired were contractors who worked as security guards stationed at Meta facilities and were given access to the Facebook parent’s internal mechanism for employees to help users having trouble with their accounts, according to the documents and people familiar with the matter. The mechanism, known internally as “Oops,” has existed since Facebook’s early years as a means for employees to help users they know who have forgotten their passwords or emails, or had their accounts taken over by hackers. Full Story

Source: The Wall Street Journal
11/18/2022

Finland-Based Uponor Copes With Data Breach Resulting From Ransomware Attack

On Nov. 5, Vantaa, Finland-based Uponor was subject to a ransomware attack, which impacted its operations in Europe and North America where it has headquarters in Apple Valley, Minn. The company has evidence of a data breach affecting Uponor’s employee, customer, and other partners’ data, and its operations are still affected by the attack. The company continues to analyse the situation and the extent of the implications of the attack with security professionals and is taking all necessary measures to restore the situation. Uponor considers the ransomware attack and the data breach serious criminal acts. The company, which calls itself a global pioneer in intelligent plumbing and climate solutions, has reported the incident to the police and the data protection authorities. Full Story

Source: Yahoo! Finance
11/18/2022

Feds Arrest Russians Accused Of Running The Largest Pirated E-Book Library

Last month, the alleged masterminds behind Z-Library—an e-book pirate site that claims to be “the world’s largest library”—were arrested. According to a press release Nov. 16 from the U.S. Department of Justice, Russian nationals Anton Napolsky and Valeriia Ermakova have been charged with “criminal copyright infringement, wire fraud and money laundering for operating Z-Library.” Napolsky and Ermakova were arrested in Argentina on Nov. 3. On the same day, the U.S. government seized a complex network of approximately 249 interrelated web domains. For many less web-savvy users, the domain seizure essentially shut down access to Z-Library’s 11 million e-books, but anyone on the dark web knows it’s still up and running—suggesting that while arresting Napolsky and Ermakova has stifled Z-Library, it has not shuttered it, and it could come back. Full Story

Source: ars TECHNICA

Comments

Popular posts from this blog

The Hacker News Daily Updates

Cyber War News Today

CyberNews: Weekly News Roundup