
Pranksters hijack smart devices to live stream swatters, Apple loses copyright suit against security startup, and more

Major cybersecurity events on 30th December 2020 (Morning Post): 21 arrested after allegedly using stolen WeLeakInfo.com logins to commit fraud. Voyager cryptocurrency broker halted trading due to cyberattack. Lawsuit claims flawed facial recognition led to man’s wrongful arrest.

Round Up of Major Breaches and Scams

FBI: Pranksters are hijacking smart devices to live-stream swatting incidents

The US Federal Bureau of Investigation says pranksters are hijacking weakly-secured smart devices in order to live-stream swatting incidents. “Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks,” the FBI said in a public service announcement published today. Officials say pranksters are taking over devices on which owners created accounts but reused credentials that previously leaked online during data breaches at other companies.

SolarWinds hackers aimed at access to victims’ cloud assets

Microsoft says that SolarWinds hackers aimed at compromising the victims’ cloud infrastructure after deploying the Solorigate backdoor (aka Sunburst). The Microsoft 365 Defender Team revealed that the goal of the threat actors behind the SolarWinds supply chain attack was to move to the victims’ cloud infrastructure once they had infected their network with the Sunburst/Solorigate backdoor. “With this initial widespread foothold, the attackers can then pick and choose the specific organizations they want to continue operating within,” Microsoft explains.

21 arrested after allegedly using stolen logins to commit fraud

UK police also give some food for thought to those on the verge of breaking the law. The long arm of the law has caught up with 21 people who are believed to have bought purloined login credentials on the now-defunct WeLeakInfo.com website and used them to break into other people’s online accounts and commit various cybercrimes. Some of those arrested are also suspected of having used the criminal marketplace for trading in tools such as Remote Access Trojans (RATs) and crypters.

Apple Loses Copyright Suit Against Security Startup

A federal judge Tuesday dismissed Apple’s copyright infringement lawsuit against cybersecurity startup Corellium in a case which could have implications for researchers who find software bugs and vulnerabilities. Judge Rodney Smith said Apple failed to show a legal basis for protecting its entire iOS operating system from security researchers. Apple sued the Florida-based startup in 2019 claiming its “virtualization” of iOS software constituted copyright infringement.

Voyager cryptocurrency broker halted trading due to cyberattack

The Voyager cryptocurrency brokerage platform halted trading yesterday after suffering a cyberattack targeting their DNS configuration. Voyager Digital LLC is a cryptocurrency broker that allows investors to trade assets using the Voyager mobile app. Voyager has rapidly grown this year with a 40x growth in 12 months and $200 million in assets under management. Yesterday, the Voyager trading platform was suddenly shut down with an announcement that it was “currently undergoing maintenance.”

Hackers publish client data stripped from Auckland financial services company on dark web

Personal information belonging to clients of an Auckland financial services firm has been published on the dark web after the company fell victim to a ransomware attack. Earlier this month a blog post on the dark web showed cyberattackers appeared to be in possession of sensitive information held by financial services company Staircase Financial Management. The post on NetWalker Blog had a countdown clock indicating how much time was left before the data was made public.

Round Up of Major Malware and Ransomware Incidents

Wasabi cloud storage service knocked offline for hosting malware

Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware. Wasabi is a cloud storage provider that competes with solutions like Amazon S3 by offering significantly cheaper services, not charging egress or API fees, and promising a 99.99% data durability. Yesterday, at approximately 2:30 PM EST, Wasabi users suddenly found that they could no longer access their storage buckets hosted on the wasabisys.com domain.

Round Up of Major Vulnerabilities and Patches

Lawsuit Claims Flawed Facial Recognition Led to Man’s Wrongful Arrest

Black man sues police, saying he was falsely ID’d by facial recognition, joining other Black Americans falling victim to the technology’s racial bias. Racial bias against non-white skin in facial recognition landed Nijeer Parks ten days in jail in 2019 after the technology falsely identified him as a shoplifting suspect, a new lawsuit says. It didn’t matter that he hadn’t been to the location of the crime, a Hampton Inn hotel in Woodbridge, New Jersey, according to Parks. The tech fingered him and that was enough for police, he said.

Multiple Vulnerabilities in Aruba Networks ArubaOS and SD-WAN Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Aruba Networks’ ArubaOS and SD-WAN, which could result in arbitrary code execution. Aruba (a Hewlett Packard Enterprise company) is the worldwide second-largest enterprise WLAN vendor after Cisco. ArubaOS is its WLAN controller system for automating WLAN management, and SD-WAN (software defined WAN) is its cloud-oriented WAN orchestration system. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the user running the application.