January 5, 2024
Aaron Johnson, a 26-year-old criminal, executed a deceptively simple but effective scheme to steal over $300,000 from bank accounts by hacking into iPhones. Between 2021 and 2022, Johnson frequented Minnesota bars, where he would observe and memorize the passcodes of young people as they entered them into their iPhones. Once he had the passcodes, he stole the phones, locked the victims out of their Apple IDs, and enrolled his own face in the devices' Face ID, effectively gaining complete control.
January 5, 2024
A sophisticated JavaScript malware campaign, detected by IBM Security Trusteer in March 2023, has targeted over 40 financial institutions worldwide, compromising at least 50,000 user sessions across North America, South America, Europe, and Japan. This malware, using JavaScript web injections, primarily aims to steal online banking account credentials.
January 5, 2024
Carbanak, a notorious banking malware active since at least 2014, has resurfaced with new ransomware tactics. According to an analysis by NCC Group, Carbanak has evolved to incorporate diverse attack vectors, enhancing its effectiveness. It now uses compromised websites to distribute malware, often impersonating popular business-related software like HubSpot, Veeam, and Xero. Originally known for its data exfiltration and remote control capabilities, Carbanak has been a tool for the FIN7 cybercrime syndicate.
January 5, 2024
The U.S. Securities and Exchange Commission (SEC) has implemented a new rule requiring publicly traded companies to report "material" cybersecurity incidents within four business days. This rule aims to provide investors with more consistent and transparent information about potential cybersecurity risks, addressing the previous inconsistencies in major incident disclosures.
January 5, 2024
Researchers at Ruhr University Bochum have uncovered a critical vulnerability in the Secure Shell (SSH) protocol known as Terrapin (CVE-2023-48795, CVSS score: 5.9). This vulnerability introduces a novel prefix truncation attack, enabling attackers to compromise the integrity of SSH's secure channel by manipulating sequence numbers during the handshake process, permitting the removal of initial messages without detection.
August 4, 2023
SonicWall, an American cybersecurity firm, urgently alerted customers to patch critical vulnerabilities detected in its Global Management System (GMS) and Analytics software. These vulnerabilities, numbering 15 in total, allow attackers to bypass authentication in systems running older versions of the software, potentially exposing sensitive data.
August 4, 2023
A detailed analysis of nearly 20 million malware logs available on the dark web and Telegram has highlighted a significant penetration of information-stealing malware into business settings.
August 4, 2023
The Biden administration has unveiled its National Cybersecurity Strategy Implementation Plan (NCSIP) to detail the execution of the national cybersecurity strategy introduced earlier this year. Coordinated by the Office of the National Cyber Director, the plan establishes timelines and assigns responsibilities across 18 federal agencies for around 65 different initiatives.
August 4, 2023
Cybersecurity researchers have disclosed the first-ever open-source software supply chain attacks targeting the banking sector, as detailed in a report from Checkmarx. The attackers demonstrated advanced methods, including targeting specific web components of victim banks by adding malicious functionality to them.
August 4, 2023
A critical vulnerability in Fortinet firewalls has put over 300,000 devices at risk of being compromised. The vulnerability, called the FortiOS RCE (Remote Code Execution) bug, allows unauthorized individuals to gain control of affected firewalls without authentication or user interaction.