Saturday, July 11, 2020
Tripwire

Conti Ransomware Deemed a Possible Successor of Ryuk

Security researchers found evidence that the Conti ransomware strain could be a possible successor to the Ryuk crypto-malware family. Vitali Kremez, strategic advisor for SentinelLabs, analyzed both Conti and Ryuk. He found that the former appeared to be based...
Tripwire

Joker Spyware Infiltrated Google Play, Abused Old Trick to Target Users

Security researchers detected a new variant of the Joker spyware family that had infiltrated Google Play and had begun abusing an old trick to target users. Check Point Research found that the authors of Joker, a dropper and premium...
Tripwire

EDP Renewables Notifies Landowners of Ransomware Attack

Renewable energy company EDP Renewables notified its landowners of a ransomware attack that it suffered in the spring of 2020. In a sample notification letter received by the Attorney General’s Office of Vermont, EDP Renewables informed its landowners that...
Tripwire

Nigerian National Extradited to United States on BEC Scam Charges

A Nigerian national entered into the custody of the FBI to face charges of having targeted several U.S. companies with business email compromise (BEC) scams. On July 3, the U.S. Attorney’s Office for the Northern District of Illinois announced...
Tripwire

Trickbot Malware Using Screen Resolution Checks as Anti-VM Tactic

Security researchers spotted Trickbot malware checking the screen resolution as a means of evading analysis on a virtual machine (VM). Digital security firm MalwareLab came across a sample of the trojan that checked to see whether a computer’s screen...
Tripwire

New Mac Ransomware Leveraged Piracy as Means of Distribution

Security researchers detected a new ransomware strain that leveraged piracy as a means of distributing itself to Mac users. On June 29, a Twitter user reached out to Malwarebytes about a malicious Little Snitch installer that was available for...
Tripwire

Attackers Targeted Dozens of U.S. Companies with WastedLocker

Security researchers identified a string of attacks in which malicious actors attempted to target dozens of U.S. organizations with WastedLocker ransomware. Symantec detected the attack attempts on several of its customers’ networks. As part of this discovery, the security...
Tripwire

Vancouver Man Sentenced to Federal Prison for Developing DDoS Botnets

A Vancouver man received a federal prison sentence for his involvement in developing several distributed denial-of-service (DDoS) botnets. On June 25, the U.S. Attorney’s Office for the District of Alaska announced that Chief U.S. District Judge Timothy M. Burgess...
Tripwire

Lucifer Malware Abused Windows Exploits for Cryptomining, DDoS Attacks

New malware called “Lucifer” came with numerous exploits for cryptomining and for performing distributed denial-of-service (DDoS) attacks on infected Windows machines. Palo Alto Networks’ Unit 42 research team identified two versions of Lucifer in their research. (Both variants...
Tripwire

New CryCryptor Ransomware Masqueraded as COVID-19 Tracing App

Security researchers came across a new ransomware family called “CryCryptor” that masqueraded as a Canadian COVID-19 tracing app. CryCryptor emerged just days after the Canadian government announced it would support the development of a national, voluntary tracing app for...
Tripwire

Ryuk Ransomware Deployed Two Weeks After Initial Trickbot Infection

Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as the result of monitoring an attack server employed by Trickbot’s handlers. In...
Tripwire

NitroHack Modifies Windows Discord Client into Infostealing Trojan

Security researchers discovered a new malware threat called “NitroHack” that modifies the Discord client for Windows into an infostealing trojan. MalwareHunterTeam observed malicious actors abusing DMs from infected Discord users as a distribution vector. Specifically, they leveraged those accounts...
Tripwire

Amazon Web Services Mitigated a 2.3 Tbps DDoS Attack

Amazon Web Services (AWS) said that it mitigated a distributed denial-of-service (DDoS) attack with a volume of 2.3 Tbps. In its “Threat Landscape Report – Q1 2020,” AWS Shield revealed that its team members had spent several days responding...
Tripwire

Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation

Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation. SANS’ Internet Storm Center observed that the spam messages first appeared to be instances of an extortion scam campaign....
Tripwire

Sextortionists Using Social Engineering Tactics to Collect Victims’ Data

Security researchers observed sextortionists leveraging social engineering techniques to steal their victims’ personal information. SANS’ Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for young women on dating websites. They used those profiles and the stated...

Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection

Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.

15 Billion Stolen Logins Are Circulating on the Dark Web

Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
The Hacker News

Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...

Is TikTok Seriously Dangerous—Do You Need To Delete It?

Here's the reality behind all the headlines...

iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations

The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.