Week 35 – What’s happening in InfoSec – by Tavian Hall

What’s NEW this week??

Hey, here’s this week’s rundown of interesting things that happened.

 

DoJ Aims to Seize 280 Cryptocurrency Accounts Used by Hackers

Complaint details collaboration with China to funnel $250m in stolen funds as part of state-sponsored attacks.

Iranian Hackers Target Academic Researcher via WhatsApp, LinkedIn

The Iran-linked hacking group known as Charming Kitten recently switched to WhatsApp and LinkedIn to conduct phishing attacks, Clearsky security researchers reveal.

Former Employee Admits Hacking, Damaging Cisco Systems

A former Cisco employee has pleaded guilty to hacking charges related to him accessing the networking giant’s systems and causing damage.

UltraRank hackers steal credit cards from hundreds of stores

A cybercriminal group specialized in infecting online shops to steal payment card data. is responsible for compromising almost 700 websites and more than a dozen third-party service providers.

Sendgrid Under Siege from Hacked Accounts

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks.

Tesla factory targeted by Russian hackers says Elon Musk

Elon Musk has confirmed that Russian hackers were plotting cyberattacks against the Tesla factory in Nevada.

Come 2021 the cost of cybercrime per minute expected to hit $11.4 million

A new report by RiskIQ has shown that the cost of cybercrime per-minute will cost organisations $11.4 million by the year 2021.

US wants to seize cryptocurrency stolen by North Korean hackers

The U.S. Justice Department today filed a civil forfeiture complaint aiming to seize control of 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korean hackers in attacks against two unnamed cryptocurrency exchanges.

Fake Login Page Detections Top 50,000 in 2020

Over 50,000 fake login pages were detected in the first half of 2020, with some able to be polymorphic and represent different brands.

Elon Musk confirmed Russian’s plans to extort Tesla

The FBI thwarted the plans of 27-year-old Russian national Egor Igorevich Kriuchkov to recruit an insider within Tesla’s Nevada Gigafactory, persuade him to plant malware on the company’s network, and then ransom Tesla under threat that he would leak data stolen from their systems.

Is China the World’s Greatest Cyber Power?

While the US, Russia, Israel, and several European nations all have sophisticated cyber capabilities, one threat intelligence firm argues that China’s aggressive approach to cyber operations has made it “perhaps the world’s greatest cyber power.”

Researchers Hijack 28,000 Printers to Show How Easily They Can Be Hacked

Researchers have once again demonstrated that many printers can be hacked remotely, by hijacking 28,000 devices and instructing them to print out a printer security guide.

Facebook sues maker of advertising SDK for refusing to participate in audit

Facebook also sued the operator of a website selling Instagram followers, likes, and comments.

How to launch malicious macros unnoticed on macOS

Many macOS computer users are still confident that their machines do not need protection. Worse, system administrators at companies where employees work on Apple hardware often hold the same opinion.

7 key advantages of using a VPN when working from home

VPN software has been prevalent in the digital market for decades now, however for most SMEs, the use of a virtual private network gained immense popularity more recently.

Facebook Hits Back At Apple’s iOS 14 Privacy Update

While privacy experts praised Apple’s upcoming iOS 14 updates, Facebook said the new features could cut its advertising business in half.

Russian cybercrime suspect arrested in $1m ransomware conspiracy

When ransomware hits, there are always 3 questions. How much? Did they pay? And the big one: How did the crooks get in?

4 Steps to Consider When Starting a New Cybersecurity Career

At a time when layoffs are painfully common, now might not seem like a great time to look for a new job or switch careers.

No more targeted ads on iPhone after new iOS 14 update – Facebook

Apple’s new anti-tracking tools on iOS 14 will render Facebook’s Audience Network ineffective.

Confirmed: Browsing histories can be used to track users

Browsing histories can be used to compile unique browsing profiles, which can be used to track users, Mozilla researchers have confirmed.

Google Location-Tracking Tactics Troubled Its Own Engineers

Google’s own engineers were troubled by the way the company secretly tracked the movements of people who didn’t want to be followed until a 2018 Associated Press investigation uncovered the shadowy surveillance, according to unsealed documents in a consumer fraud case.

US Arrests Tourist Over Malware Conspiracy

A man on vacation in Nevada has been charged with conspiracy after allegedly offering an employee $1m to infect their company’s computer network with ransomware.

 


Tavian Hall from Jamaica contributed this article. Tavian is a member of WISC (Women in InfoSec Caribbean), a Discord group for Caribbean women and girls to develop a career in Information Security.

Learn more about WISC and how at wisc.g5cybersecurity.com.

Previous Post

Namecheap hosting and email DOWN in prolonged outage

Next Post

Robinhood, Vanguard, TD Ameritrade affected by stock trading outages

Related Posts