APT BEC Blackmail Breach Cyber Security Espionage Hacking Malware Phishing Scam Spam Trojan Vulnerability

UK government domains on spam blacklists, Samsung vice chairman indicted for fraud over merger, and more

Major cybersecurity events on 1st September 2020 (Evening Post): Report reveals scammers requested for gift cards in two-thirds of business email compromise attacks. Researchers discover new trojan malware family, KryptoCibule, targeting cryptocurrency.

Round Up of Major Breaches and Scams

Over 400 GOV.UK domains found on spam blacklists

Hundreds of domains managed by the U.K. government are on DNS-based blacklists creating email communication problems. Multiple government agencies, councils, and public welfare agencies rely on GOV.UK domain infrastructure to provide online services to Britain’s residents. Being on an automated IP blacklist usually signifies a problem with your mail infrastructure: most likely either your server has been sending spam, or was compromised at some point.

UCLA researcher charged with destroying hard drive amid FBI probe

A Chinese researcher employed at the University of California, Los Angeles (UCLA) has been detained by the Federal Bureau of Investigation (FBI) for allegedly destroying and obstructing critical evidence. This couldn’t have come at a worse time when Trump’s administration and Beijing based Byte Dance is already at par over short video creating platform TikTok. The application is under fire for collecting data and giving it to the Chinese government that can target individuals or the state for blackmail and espionage.

Samsung supremo Lee Jae-yong indicted for fraud over role in 2015 merger deal that made him heir apparent

South Korea has indicted Samsung Group vice chairman Lee Jae-yong over his role in a 2015 merger that made him heir apparent to the multinational’s empire. Samsung and Lee have denied the charges, which include alleged breaches of the country’s Capital Markets Act and External Audit Act. The transaction in question saw Samsung’s parent company, Samsung C&T, merged with an entity named Cheil Industries for $8bn. Lee owned 23 per cent of Cheil, which owned 46 per cent of Samsung Biologics. But Lee owned none of Samsung C&T.

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By contrast, direct bank transfers factored in just 18% of attacks, followed close behind by payroll diversions at 16%. exploited for phishing attacks

Slack, the communication and collaboration platform, has been gaining attention lately as a potential phishing platform and it has been targeted by malicious actors. Mainly bad actors have been developing various methods to phish users within the platform itself – with concerns ranging from DMs to Slackbot reminders and public Slack channels or workspaces.

Round Up of Major Malware and Ransomware Incidents

Researchers discover new malware family

A new trojan malware family has been identified by researchers that targets cryptocurrency. Researchers at ESET said the: “previously undocumented trojan malware family spreads through malicious torrents and that uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the radar.” ESET named the threat KryptoCibule, and it primarily targets users in the Czech Republic and Slovakia.

Round Up of Major Vulnerabilities and Patches

FBI warned of how Ring doorbell surveillance can be used against police officers

Leaked documents have revealed the concerns of law enforcement in how Internet of Things (IoT) technology can pose a risk to the safety of police officers. Smart doorbell vendors including Ring have created product lines that have transformed traditional bells and door chimes into intelligent technological solutions that provide location monitoring, real-time camera feeds, audio and visual recordings, and the ability to communicate with visitors remotely.