News Type
Summary
Source Link
Report
The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023.
Source: Bleeping Computer
Warning
The FBI warned of North Korean hacking groups aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks to deploy malware designed to steal their crypto assets.
Source: Bleeping Computer
Report
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5m ($33.7m) on Clearview AI over illegal data collection for facial recognition.
Clearview AI Fined €30.5m by Dutch Watchdog Over Illegal Data Collection
Report
Nykaa Fashion, a leading Indian beauty and fashion retailer platform and a subsidiary of Nykaa, has taken legal action against its former Chief Business Officer (CBO), Gopal Asthana, accusing him of breaching confidentiality agreements, misappropriating proprietary data, and attempting to harm the company by poaching employees.
Nykaa Fashion initiates legal proceedings against former CBO over alleged data theft
Report
A privacy flaw in WhatsApp is being exploited by attackers to bypass the app’s “View once” feature and view messages again. According to WhatsApp, a fix is coming to WhatsApp Web, but it is unclear if the privacy flaw could still be exploited using custom WhatsApp apps.
Source: Bleeping Computer
Report
The National Crime Agency (NCA), once heralded as British law enforcement’s elite answer to the questions posed by serious and organised crime, including cybercrime, is “on its knees” according to a new report.
Source: The Record
Report
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down.
Source: Bleeping Computer
Report
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems.
Source: Bleeping Computer
Report
A high-stakes cat and mouse game between defenders and a sophisticated trio of Chinese cyberespionage groups has continued this year, with the hackers launching a string of attacks on government organisations in Southeast Asia despite attempts to disrupt their activity.
Source: The Record
Analysis
A suspected Iranian state-sponsored threat actor, APT34, also tracked as OilRig has targeted Iraqi government organisations and other entities in the country as part of a new espionage campaign, researchers have found.
Source: The Record
Warning
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks.
Source: Bleeping Computer
Warning
Binance is warning customers that malware is being used to manipulate withdrawal addresses in order to steal cryptocurrency, in a campaign that has led to “significant financial losses for victims.”
Source: The Record
Report
The Justice Department indicted a Chinese national for attempting to hack several aviation agencies across the U.S. government in order to steal software and code created by the National Aeronautics and Space Administration (NASA) and others.
Source: The Record
Report
A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. While Cloudflare said they were currently conducting scheduled maintenance in Singapore and Nashville, its status page does not indicate any problems.
Source: Bleeping Computer
Report
A prolific cybercrime group known as Marko Polo has compromised “tens of thousands of devices” worldwide through cryptocurrency and gaming-related scams, researchers said.
Source: The Record
Report
Unidentified hackers have targeted companies in the construction industry through accounting software known as Foundation, researchers said. The attackers go looking for installations of Foundation that are publicly accessible on the internet, then try combinations of default usernames and passwords that can allow for administrative access.
Source: The Record
Report
Microsoft has identified a financially driven hacking group that is deploying INC ransomware to attack the U.S. healthcare sector. The hacking group has targeted the healthcare, IT, and manufacturing sectors, using ransomware variants such as BlackCat, Rhysida, Quantum Locker and Zeppelin.
Report
Russia has fully pivoted its disinformation efforts to focus on Vice President Kamala Harris, releasing several fake, widely-seen videos designed to harm her campaign. Microsoft published a new report warning that two Russian groups have used X (formerly Twitter), Telegram and several fake news websites to disseminate controversial and fictitious videos about Harris.
Source: The Record
Report
The Walt Disney Company will no longer use Slack for in-house company communication months after a hack that involved more than a terabyte of company data being leaked to the public.
Report
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data.
Source: Bleeping Computer
Report
LinkedIn recently began harnessing its users’ content and data to train artificial intelligence models, opting all platform participants into the program without formal notice – except for users in the United Kingdom and Europe.
Source: The Record
Report
A cyber operation within Iran’s Ministry of Intelligence and Security (MOIS) has evolved into a highly sophisticated access broker for Iranian hackers, enabling persistent intrusions into telecommunications and government systems across the Middle East.
Iranian Backdoors Spread Across Middle East Telecoms and Government Agencies, Google Reports
Report
The U.S. DoJ arrested two people, Malone Lam (20) and Jeandiel Serrano (21) in Miami and charged them with stealing more than $230 million worth of cryptocurrency as the duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services.
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency
Report
Ukraine has banned the use of the Telegram messaging platform on official devices issued to government and military personnel, as well as defence sector and critical infrastructure employees.
Report
German law enforcement has shut down 47 cryptocurrency exchange services that ransomware gangs and other cybercriminals used for money laundering.
Source: The Record
Report
Missouri-based aviation executive Farhad Azima said that he had settled with the law firm Dechert and two of its former senior attorneys over allegations they took part in a scheme to hack his emails and use them in court to destroy his business.
Aviation executive Farhad Azima settles with law firm Dechert over hacking claim
Report
The Chaser, a news website run by Hong Kong journalists in Britain, says Google informed the diaspora media outlet that its company email was being targeted by “government-backed attacks.”
Hong Kong diaspora media in Britain reports ‘government-backed attacks’
Report
Russian cybersecurity company Kaspersky deleted its anti-malware software from customers’ computers across the United States and automatically replaced it with UltraAV’s antivirus solution. This came after Kaspersky decided to shut down its U.S. operations and lay off U.S.-based employees.
Source: Bleeping Computer
Report
The U.S. Commerce Department proposed prohibiting key Chinese software and hardware in connected vehicles on American roads due to national security concerns, a move that would effectively bar Chinese cars and trucks from the U.S. market.
Source: Reuters
Report
The popular messaging service Telegram has updated its terms of service to discourage “bad actors” from “jeopardising the integrity” of the platform, according to its founder Pavel Durov.
Source: The Record
Report
Google said it has been contacted by several major U.S. companies recently who discovered that they unknowingly hired North Koreans using fake identities for remote IT roles.
Source: The Record
Report
Sweden’s domestic intelligence agency announced that hackers acting on behalf of the Iranian government were behind a cyberattack last year aimed at provoking divisions in the country following a stunt by a far-right political figure.
Source: The Record
Report
The cybercriminal group known as DragonForce has been attacking the manufacturing, real estate and transportation industries worldwide using modified versions of two notorious ransomware variants, researchers said.
Source: The Record