Categories
ACE APT BEC Breach Bug CVE Cyber Security Data leak Espionage Hacking Malware Ransomware Scam Spyware Vulnerability Zero-day

US DoJ seizes $1B in Bitcoins tied to Silk Road, Hackers compromise 1,200 company VoIP servers, and more

Major cybersecurity events on 6th November 2020 (Morning Post): Ragnar Locker demands $15 million after stealing 2 TB unencrypted Campari files. North Korean cyberespionage campaign uses Torisma spyware to monitor victims in stealth. Apple releases updates for 3 actively exploited 0-day vulnerabilities.

Round Up of Major Breaches and Scams

Tech support scammer dialed random number and Australian Police’s cybercrime squad answered

A tech support scammer making random phone calls in the hope of finding a victim called the cybercrime squad of an Australian police force, which used the happy accident to document the scam and inform the public what to watch out for. The call was placed to the Financial and Cybercrime Investigation Branch (FCIB) in the state of South Australia, where the local Police force serves 1.75 million citizens.

Election officials are being more transparent about their work, thanks in part to the pandemic

As Americans await the results of a heated presidential contest, election officials are in the spotlight in a country on edge. They are trying to sift through a fog of domestic misinformation, and their methodical process for counting and verifying ballots is belying demands to hurry up, or stop. Now, security experts say months of extraordinary preparation during the coronavirus are paying off. After months of explaining how elections would work during a pandemic, state and local officials are projecting confidence to the public by being open about their work.

DOJ seizes $1 billion in cryptocurrency tied to Silk Road dark web market

The Department of Justice said Thursday that it seized approximately $1 billion worth of bitcoin, its biggest cryptocurrency seizure ever. The announcement solves a a years-old mystery about the shuttered Silk Road dark web market for illegal drugs and other unlawful goods, widely regarded as the largest and most extensive dark web marketplace of its time before its 2013 demise.

Hackers actively compromising VoIP phone system for monetization

One of the most interesting yet complex methods of exploitation employed by hackers is using the servers to make outgoing phone calls to generate profits. Check Point Research uncovered a cyber fraud campaign being operated from Gaza, Egypt, and West Bank. The hackers have compromised VoIP (voice over Internet Protocol) servers of over 1,200 organizations in 60 countries within the past one year.

Round Up of Major Malware and Ransomware Incidents

Ransomware attack shutters Brazilian courts. But did attackers breach the virtual machine divide?

Brazil’s Superior Tribunal de Justiça has temporarily shut down after a suspected ransomware attack. The Tribunal (STJ) is second-highest of Brazil’s courts and is the highest court that decides on federal matters other than constitutional law. At the time of writing, the court’s website consists of nothing but a series of updates on the attack. Those notifications state that a virus attack was detected on November 3, when court networks were shut down as a precaution.

Campari hit by Ragnar Locker Ransomware, $15 million demanded

Italian liquor company Campari Group was hit by a Ragnar Locker ransomware attack, where 2 TB of unencrypted files was allegedly stolen. To recover their files, Ragnar Locker is demanding $15 million. Campari Group is an Italian beverage company known for its popular liquor brands, including Campari, Frangelico, SKYY vodka, Epsolon, Wild Turkey, and Grand Marnier. As first reported by ZDNet, Campari released a press statement on Monday where they stated they suffered a cyberattack over the weekend, which caused them to shut down their IT services and network.

North Korean Hackers Used ‘Torisma’ Spyware in Job Offers-based Attacks

A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims’ machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia and India, involved a previously undiscovered spyware tool called Torisma stealthily monitor its victims for continued exploitation.

Capcom hit by Ragnar Locker ransomware, 1TB allegedly stolen

Japanese game developer Capcom has suffered a ransomware attack where threat actors claim to have stolen 1TB of sensitive data from their corporate networks in the US, Japan, and Canada. Capcom is well-known for its iconic game franchises, including Street Fighter, Resident Evil, Devil May Cry, Monster Hunter, and Mega Man. Yesterday, Capcom announced that they had been hit with a cyberattack on November 2nd, 2020, that led to the halting of portions of their corporate network to prevent the attack’s spread.

Round Up of Major Vulnerabilities and Patches

Apple emits iOS, iPadOS, watchOS, macOS patches to fix three hijack-my-device flaws exploited in the wild

Apple on Thursday issued security updates for iOS, iPadOS, watchOS, and macOS that address three holes reported by Google’s Project Zero bug hunters among exploitable flaws found by others. Installing the latest software for your iPhone, iPad and so on will address these programming blunders. The iPhone giant’s security bulletins note that the three flaws discovered and reported by Project Zero – CVE-2020-27930 (remote-code execution), CVE-2020-27950 (kernel memory leak), and CVE-2020-27932 (kernel privilege-escalation) – are being actively exploited in the wild.

Apple addresses three actively exploited iOS zero-days

Apple released iOS 14.2 that addressed three zero-day vulnerabilities in its mobile OS that have been abused in attacks in the wild. Apple has addressed three iOS zero-day vulnerabilities actively exploited in attacks the wild and affecting iPhone, iPad, and iPod devices. The zero-day vulnerabilities have been fixed by the IT giant with the release of iOS 14.2, iOS users are advised to install it immediately.

Update Windows 10 to patch critical vulnerability in Microsoft store games

The high severity privilege escalation vulnerability tracked as CVE-2020-16877 affected Windows Server and Windows 10. IOActive cybersecurity researchers have disclosed a privilege escalation vulnerability in Windows systems, which can be exploited through abusing games uploaded on Microsoft store. The vulnerability is classified as CVE-2020-16877 and rated high severity. It mainly affects Windows 10 and Windows Server.