Categories
Bug Data leak Hacking Malware Scam TrickBot Trojan Vulnerability Zero-day

Russian police detains scammers targeting VIP customers, Twitter internal tool used to hijack accounts, and more

Major cybersecurity events on 17th July 2020 (Evening Post): MyCastingFile.com leaks private data of 260,000 users. Dating and social accounts also targeted by BlackRock banking trojan. Iranian top hacking groups leave training videos exposed online.

Round Up of Major Breaches and Scams

Group-IB helps to detain fraudsters that used cloned SIM cards to steal money from banks’ VIP customers

Russian police have detained the organizers of a criminal group that focused on reissuing SIM cards and stealing money from Russian banking customers. With the assistance of Group-IB, an international company that specializes in preventing and investigating cyberattacks, the Moscow Criminal Investigation Department has detained the organizers of a criminal group that focused on reissuing SIM cards and stealing money from Russian banking customers.

Crypto scam: Twitter’s internal tool was used in hijacking verified accounts

Twitter has acknowledged that hackers used its internal tool for the hack leading to a crypto scam that tricked hundreds worldwide. Yesterday, Hackread.com reported a ‘tricky’ new crypto scam where hackers gained control of verified Twitter accounts. The compromised accounts then tweeted and asked people to send in cryptocurrency and get it doubled within no time.

FBI Issues Cybersecurity Warning to Air Travelers

The Federal Bureau of Investigation has issued a warning to air travelers to be wary of bogus US airport websites when booking flights online. Cyber-supervisory special agent Conal Whetten spoke to members of the press on Wednesday to raise awareness regarding the creation of a number of websites cleverly faked to look like the real deal. Whetten said these spoofed domains, which grow increasingly sophisticated as cyber-criminals hone their skills for mimicry.

US actor casting company leaked private data of over 260,000 individuals

A popular website used to cast US talent in movies and television shows exposed the data of roughly 260,000 individuals online. In a report shared exclusively with ZDNet, the cybersecurity team from Safety Detectives, led by Anurag Sen, said the breach was discovered at the beginning of June this year. New Orleans-based MyCastingFile.com is an online casting agency that recruits talent.

Iran-linked hackers steal sensitive data from US Navy member, researchers say

Allison Wikoff has spent years tracking suspected Iranian hackers, sifting through data they’ve left behind and analyzing their techniques. But in May, when her colleague stumbled upon a server with 40 gigabytes of the hackers’ training videos and online personas, Wikoff knew she had struck gold. “[When] we started combing through all the data and video files we couldn’t believe what we were seeing,” said Wikoff.

Round Up of Major Malware and Ransomware Incidents

New Android malware steals your dating and social accounts

A new Android banking trojan dubbed BlackRock steals credentials and credit card information from a list of 337 apps many of them used for many non-financial purposes. The malware was discovered in May by ThreatFabric analysts and it is derived from the leaked source code of the Xerxes banking malware, a known strain of the LokiBot Android trojan.

Round Up of Major Vulnerabilities and Patches

Iranian cyberspies leave training videos exposed online

One of Iran’s top hacking groups has left a server exposed online where security researchers say they found a trove of screen recordings showing the hackers in action. Discovered by IBM’s X-Force cyber-security division, researchers believe the videos are tutorials the Iranian group was using to train new recruits. The videos were recorded with a screen-recording app named BandiCam, suggesting they were recorded on purpose and not accidentally by operators who got infected by their own malware.

Zoom Addresses Vanity URL Zero-Day

An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information. A previously undisclosed bug in Zoom’s customizable URL feature has been addressed that could have offered a hacker a perfect social-engineering avenue for stealing credentials or sensitive information.

Google says a bug is erroneously showing security alerts for TiVO devices

Google says that a bug on its side is responsible for showing scary security alerts to owners of TiVO streaming dongles. The security alerts have been popping up for at least two weeks. They occur after the installation process of TiVO Stream 4K USB dongles. The process requires users to set up and link a Google account on the device in order to receive access to the official Play Store and install streaming apps.

DHS CISA tells government agencies to patch Windows Server DNS bug within 24h

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA) issued an emergency directive today instructing all government agencies to deploy patches or mitigations for a critical bug in Windows Server within the next 24 hours. The emergency directive urges agencies to patch a vulnerability known as SIGRed, discovered by Check Point researchers, for which Microsoft released updates this week, during its regular Patch Tuesday window.