Blog
-
Popular Bitcoin ATMs Exploited to Steal Crypto From Customer Accounts
Attackers were able to hijack a video upload feature on the bitcoin ATMs to upload malicious JavaScript. At least 15 operators were compromised and $1.5 Million in crypto was confirmed stolen for now.
-
Google Blocks One of China’s Biggest Shopping Apps Pinduoduo Over Malware
Versions of the Chinese shopping app up to the most recent release were found to have malware present. The malicious code is an attack chain that specifically targets Samsung mobile devices, first discovered in early 2021.
-
FBI: Investment Fraud Now Leads All Cyber Crime in Losses Caused, but BEC and Ransomware Remain Strong
FBI IC3 annual report shows overall cyber crime complaint numbers are down (for the first time in a long time). However, total loss amounts are way up and online crime efficiency appears to be improving.
-
LockBit Ransomware Takes Credit for Hit on SpaceX Third Party Vendor
A breach of a third party vendor appears to have provided the LockBit ransomware gang with 3,000 sensitive SpaceX engineering schematics, which the criminals are threatening to take to auction if the company does not pay up.
-
Did a Ransomware Gang Compromise Amazon’s Ring After a Third Party Vendor Breach?
ALPHV ransomware gang is claiming that it is sitting on data from Amazon’s Ring network of personal security cameras. Amazon has confirmed that a third party vendor has been hit with the BlackCat ransomware.
-
Aviation Sector Subject to New Cybersecurity Requirements as Emergency Powers Invoked
The TSA order to the aviation sector is part of this general blitz of new cybersecurity requirements among critical infrastructure companies, but also comes as the industry is seeing increasing number of attacks.
-
Members of Congress May Have Had Sensitive Personal Information Exposed in Health Data Breach
A health data breach at a Washington DC medical insurance marketplace has caused a great deal of concern as it appears that members of Congress were among the compromised parties, who appear to number about 170,000 in total.
-
EPA Mandate Pushes Public Water Systems to Adopt New Cybersecurity Requirements
The new EPA cybersecurity requirements are extensive. Some public water systems will undoubtedly have a lot of work on their hands, as some of the smaller ones across the country have never had any kind of cyber defense program prior to this.
-
National Cybersecurity Strategy Calls for Software Producer Liability, More Reinforcement of Critical Infrastructure
In addition to potentially holding publishers liable for security vulnerabilities, Biden’s National Cybersecurity Strategy calls for more aggressive pursuit of foreign cyber threats. Critical infrastructure companies are also likely to face tougher standards and regulations.
-
Long-Term News Corp Security Breach Thought to Be an Espionage Campaign, Multiple Media Outlets Impacted
Media conglomerate News Corp has reported that a security breach first discovered in early 2022 stretches back to February 2020 and impacted a broad array of the company’s subsidiaries. Attackers believed to be a state-backed Chinese cyber espionage team.