23andMe Says Hackers Saw Data From Millions of Users
While the hackers were only able to get into about 14,000 accounts, or 0.1 percent of its customers, they were able to see information shared by genetically linked relatives at 23andMe, a spokesperson said in reply to an AFP inquiry. 23andMe is in the process of notifying affected customers and has hardened account security by…
Attackers add hacked servers to commercial proxy networks for profit
Hackers are using commercial proxy networks that pay users for their bandwidth to monetize their illegally obtained access to servers. Dubbed proxyjacking, this type of abuse has been increasingly observed alongside other forms of abusing hacked servers, such as cryptojacking. “Although the concept of proxyjacking is not new, the ability to easily monetize it as…
Gozi banking malware “IT chief” finally jailed after more than 10 years
Yesterday, we wrote about cybercrime charges that were finally unsealed for a massive cryptocurrency heist that was allegedly conducted over a three-year period starting back in 2011. Today’s long-term cybercrime justice story concerns the last member of the so-called Gozi Troika, three men who were originally charged in January 2013 for malware-related crimes that apparently…
Latitude Financial Attack Costs Company Up to AU$105 Million
Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack. Hackers demanded extortion from the non-bank creditor after stealing data pertaining to 14 million customers, including nearly 8 million Australian and…
Iranian Hackers Deploy New Ransomware Against Israeli Firms
Security researchers have discovered an Iran-linked APT group carrying out a new chain of ransomware attacks using a new strain of malware against Israeli organizations. Researchers at Check Point found a ransomware strain called Moneybird that is reminiscent of the Iranian Agrius group’s previous campaigns. Agrius gained notoriety for targeting Israel-based entities with wiper variants,…
Iranian ‘Educated Manticore’ Hackers Target Israel
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. Researchers at Check Point Security said a group they have dubbed “Educated Manticore” is sending the Iraq-themed bait in order to coax users into initiating a new and improved infection chain that ends with deployment of an implant…
Experts released PoC Exploit code for actively exploited PaperCut flaw
Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the…
Commercial Surveillance Industry Set for Growth, Says NCSC
The global commercial spyware market will expand over the next five years as demand for advanced surveillance tools by governments surges, says a new report from the U.K’s National Cyber Security Centre. The NCSC report, which defines the proliferation of surveillance tools such as NSO Group’s Pegasus as a threat, assesses that at least 80…
Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin
WordPress security firm PatchStack warns of a high-severity vulnerability in the Elementor Pro WordPress plugin that is currently being exploited by threat actors in the wild. Elementor Pro is a paid plugin that is currently installed on over 11 million websites, it allows users to easily create WordPress websites. This vulnerability was reported on March…
China-linked hackers target telecommunication providers in the Middle East
In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft Cell that was first reported in June 2019 by Cybereason. At the time, researchers at Cybereason uncovered the long-running espionage campaign tracked…
