Skybox Security Raises $50M, Hires New CEO
The San Jose company announced Wednesday that former Digital Guardian CEO Mordecai (Mo) Rosen will take the reins at Skybox and manage the company through a new financing round that brings the total raised to $335 million. The private equity-backed Skybox said investors in the latest round include CVC Growth Funds, Pantheon, and J.P. Morgan….
New Linux variant of Clop Ransomware uses a flawed encryption algorithm
SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. The researchers observed the first ELF variant of the Clop ransomware targeting Linux systems on December 26,…
Cloud Apps Still Demand Way More Privileges Than They Use
The rise of the cloud has made business more agile, flexible, and streamlined, which are all solid reasons why over 90% of enterprises have committed to a multicloud strategy. But complexity creates seams where secrets leak out. Recent high-profile breaches at Microsoft and at airports have made misconfigured S3 buckets a cybersecurity trope. However, configuration…
New Banking Trojan Targeting 100M Pix Payment Platform Accounts
A new Android banking Trojan called PixPirate is targeting more than 100 million Brazilian Pix instant payment accounts. The Pix payment platform was created and is operated by the Brazil Central Bank, and it’s used to make instant mobile payments across Latin America using a variety of banks. Researchers with the Cleafy TIR Team —…
Notorious Finnish Hacker ‘Zeekill’ Busted by French Police
French police arrested a notorious hacker who’s suspected of forming part of an extortion scheme that targeted a Finnish psychotherapy practice and its patients. Aleksanteri Tomminpoika Kivimäki, 25, is the focus of a European arrest warrant issued last October in Finland. He’s been charged with participating in the hack of Vastaamo Psychotherapy Center. The now-defunct…
New York Attorney General Fines Vendor for Illegally Promoting Spyware
Since 2011, Hinchy has owned and operated numerous companies, including the 16 investigated by the New York OAG, for selling and promoting spyware targeting Android and iOS devices, including Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint, and TurboSpy. Once installed on victim devices, the spyware would collect and exfiltrate data such as…
How Cybercriminals Are Operationalizing Money Laundering and What to Do About It
It’s almost impossible to pinpoint the amount of money that’s laundered globally, but conservative estimates put it at anywhere from $800 million to $2 trillion, according to the United Nations’ Office on Drug and Crimes — and that’s likely just the tip of the iceberg. It’s a crime that, in turn, fuels some of the…
Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
An unknown threat actor has been quietly mining Monero cryptocurrency on open source Redis servers around the world for years, using a custom-made malware variant that is virtually undetectable by agentless and conventional antivirus tools. Since September 2021, the threat actor has compromised at least 1,200 Redis servers — that thousands of mostly smaller organizations…
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft. The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure. The issues have been identified in version…
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method include AsyncRAT, RedLine Stealer, Agent Tesla, DOUBLEBACK, Quasar…
