What’s trending in cybersecurity today?
FBI, Fake Remote Jobs, Phishing Kit V3B, Resecurity, AhnLab Security Intelligence Center, NiceRAT, Botnets, DarkCrystal RAT, Broadcom, Check Point, Forbes, London Hospitals, UK’s NHS, Cyble, Kommersant, HIPAA Journal, Harry Coker Jr, Navy Times, The New York State Senate, Heise Online, Microsoft Threat Analysis Center, Signal, TikTok, Zero-Day Exploit, Belarusia, Russian Supermarkets, Woodfords Family Services, Unified Cyber Laws, Navy Senior Chief, New York, Social Media Algorithms, Belgian Police, Paris Olympics, Disinformation Campaigns.
🚨 Cyber Alerts
Yesterday, the FBI warned about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States. These scams lure victims with easy tasks and confusing compensation structures requiring cryptocurrency payments. To protect against these scams, the FBI advises caution with unsolicited job offers and never sending money to an alleged employer.
Cybercriminals are advertising a new phishing kit named ‘V3B’ on Telegram, targeting customers of 54 major financial institutions across Europe. The kit features advanced obfuscation, localization options, and supports OTP/TAN/2FA, making it highly effective. With over 1,250 members in its Telegram channel, V3B is quickly gaining traction in the cybercrime community.
Botnets, traditionally used for DDoS attacks, now employ malware capable of data exfiltration and installing additional malware. These new botnets utilize malware such as NanoCore and Emotet, distributed through disguised legitimate software, to extend their capabilities beyond traditional attacks. AhnLab identified persistent botnets distributing additional malware, highlighting the need for advanced security solutions to detect and block such threats.
Signal is exploited to deliver DarkCrystal RAT malware, targeting high-profile individuals. Victims receive an archive file containing executable files disguised as .pif or .exe. Cybersecurity firms recommend proactive measures to mitigate risks and emphasize the importance of collaboration in combating cyber threats.
Hackers use packers to encrypt and obscure their code, evading antivirus detection. Check Point analysts have observed an uptick in malicious use of packers, especially targeting financial and government sectors. Packers like BoxedApp provide advanced functionality, including virtual file systems and registries, making malware concealment easier and analysis more challenging.
💥 Cyber Incidents
Over the past week, high-profile TikTok accounts of companies and celebrities were hijacked through a zero-day vulnerability in the social media platform’s direct messages feature. This security flaw allowed attackers to compromise accounts without needing to download a payload or click embedded links; merely opening the malicious message was enough. Notable accounts affected include those belonging to Sony, CNN, and Paris Hilton, which had to be taken down to prevent further abuse.
A ransomware incident targeting Synnovis, a pathology and diagnostic services provider, has resulted in significant disruptions to healthcare services across multiple major NHS hospitals in London. While Synnovis has yet to issue a public statement regarding the attack, memos from affected partner hospitals reveal the severity of the situation, with disruptions described as an “ongoing critical incident” causing a “major impact” on services in southeast London. Emergency care remains accessible, but procedures such as surgeries and blood transfusions have been affected, prompting hospitals to cancel or redirect activities as necessary.
Belarusian hackers, known as Ghostwriter, strike Ukraine’s Ministry of Defence in a new espionage campaign. Utilizing phishing emails with drone image attachments, they aim to execute malicious payloads, steal data, and gain unauthorized access. Ukraine’s Computer Emergency Response Team warns of cyberattacks using DarkCrystal malware, escalating tensions in the region.
A cyberattack disrupts operations at Russian supermarkets, leaving customers unable to use bank cards or place online orders. Verny, a major retail chain, experiences service disruptions following the attack, forcing stores to accept cash only. The extent of the attack and the perpetrators remain unknown, but suspicions of extortion arise amidst significant financial losses.
Maine-based Woodfords Family Services notifies HHS about a cyberattack affecting 500 individuals’ health information. This marks the second breach in a year, with hackers accessing patient data, including sensitive financial details. The incident underscores growing concerns about cybersecurity in healthcare.
📢 Cyber News
Businesses stress need for unified cyber regulations to enhance security and competitiveness. The White House publicly shares feedback on untangling federal cybersecurity regulations, amid growing congressional interest. National Cyber Director highlights overwhelming concern over lack of regulatory harmonization.
Senior Chief Grisel Marrero, former command senior chief of the USS Manchester’s gold crew, faced a court-martial and conviction for installing an unauthorized Wi-Fi system on the ship, violating Navy regulations, and subsequently lying about it to her superiors. Marrero’s actions, carried out between March and August 2023, prompted concerns regarding operational security and leadership integrity within the Navy.
New York lawmakers are close to finalizing regulations that would allow parents to block social media posts curated by algorithms, despite strong opposition from big tech companies. If passed, this legislation would be the first of its kind in the nation, aiming to protect children from addictive feeds that can harm mental health. However, critics argue that the bill could lead to unintended consequences and legal challenges, raising concerns about its effectiveness in creating a healthier online environment for young users.
Belgian police push for front-door access to encrypted messages amid privacy concerns, documents show. The National Technical Support Unit advocates for real-time communication access with standardized procedures. Civil society opposes encryption weakening proposals, advocating for digital privacy.
Russia’s disinformation campaign escalates, posing risks to the IOC and public perception of safety at the 2024 Games. Leveraging AI, fabricated content spreads fear of violence, utilizing deepfakes and fake news outlets to discredit the event and Macron’s government. Anticipated expansion into multiple languages and use of automated accounts heighten cybersecurity concerns.
Copyright © 2024 CyberMaterial. All Rights Reserved.