Cyberscoop
NSO Group tech reportedly used to hack US officials' iPhonesNearly a dozen iPhones associated with U.S. State Department employees were hacked using spyware developed by Israel-based NSO Group, Reuters first reported Friday. The attacks were carried out in the last several months by an unknown assailant on U.S. officials either based in Uganda or focused on the country, sources told Reuters. The Washington Post…
The Justice Department is ramping up its crackdown on money mulesU.S. law enforcement recovered nearly $3.7 million in fraud proceeds and charged more than 30 individuals for their alleged involvement in receiving or transferring illicit proceeds over the past 10 weeks. The arrests, announced Friday, were part of the Justice Department’s “Money Mule Initiative,” which is aimed at cracking down on Americans who assist international…
Rail industry gets new cyber directives from TSAU.S. rail companies must commit more attention and resources to cybersecurity under Transportation Security Administration directives announced Thursday by the Department of Homeland Security. The new requirements include that surface rail owner and operators designate a cybersecurity coordinator; report a cybersecurity incident to DHS’s cybersecurity agency within 24 hours; complete a vulnerability assessment; and create…
Former Ubiquiti employee charged with stealing data, extorting employerThe FBI arrested a former employee of a U.S. technology company for allegedly breaching and stealing confidential data from his employer and then extorting the company for nearly $2 million. The defendant, Nickolas Sharp, after allegedly stealing sensitive information posed as a whistleblower to plant misleading news about the company’s breach, according to an indictment…
Fifth Domain Cyber
Krebs on Security
Who Is the Network Access Broker ‘Babam’?Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials -- such as usernames and passwords needed to remotely connect to the target's network. In this post we'll look at the clues left…
Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud provider claim was a fabrication. On Wednesday, a former Ubiquiti…
Legal Technology News
Threatpost
Pandemic-Influenced Car Shopping: Just Use the Manufacturer APIJason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes.
Omicron Phishing Scam Already Spotted in UKOmicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data.
What Are Your Top Cloud Security Challenges? Threatpost PollWe want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll!
Threat Group Takes Aim Again at Cloud Platform Provider ZohoAttackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio.
‘Double-Extortion’ Ransomware Damage Skyrockets 935%Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found.
Planned Parenthood Breach Opens Patients to Follow-On AttacksCyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information.
AT&T Takes Steps to Mitigate Botnet Found Inside Its Network AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem.