Cybersecurity Weekly: Dark web market down, FBI finds vishing scheme, hackers pose as recruiters
The dark web market Empire is down due to a multi-day DDoS attack. A new FBI alert warns of an ongoing vishing campaign. Hackers target defense contractors by posing as recruiters. All this, and more, in this week’s edition of Cybersecurity Weekly.
See Infosec IQ in action
1. Dark web market Empire down due to a multi-day DDoS attack
The popular dark web site Empire Market has been down for at least 48 hours, with some users suspecting an exit scam and others blaming a prolonged distributed denial-of-service attack. Empire Market features numerous illicit goods including illegal drugs, chemicals, counterfeit items, jewelry and credit card numbers for sale using cryptocurrency payment methods.
Read more »
2. FBI alert warns of vishing campaign
As part of the attacks, which started in mid-July, adversaries attempted to gain access to employee tools via phishing phone calls. Once they were in possession of credentials, the attackers would access the databases of victim companies to harvest information on their customers and conduct further attacks.
Read more »
3. Hackers target defense contractors by posing as recruiters
A new in-the-wild malware has been spotted by the FBI that North Korean hackers are reportedly using to spy on key employees at government contracting companies. Dubbed BLINDINGCAN, the advanced remote access trojan acts as a backdoor when installed on compromised computers.
4. Zoom went down and schools got a digital snow day
Zoom users around the world are unable to join meetings and video webinars using the Zoom web client and the desktop app just as students going back to school this week are relying on the platform for online lessons. Some users also reported that they can't open the company's website.
Read more »
5. Experian South Africa suffers data breach affecting millions
The South African arm of Experian, one of the world's largest credit check companies, last week announced a data breach incident that exposed personal information of millions of its customers. The suspected attacker behind this breach had already been identified and the stolen data of its customers had successfully been deleted from their computing devices.
Read more »
6. A Google Drive feature could let attackers trick you into installing malware
An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spearphishing attacks comparatively with a high success rate. The flaw allows users to upload and manage different versions of a file.
Read more »
7. Experts reported security bug in IBM's Db2 data management software
Last week, cybersecurity researchers disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and cause denial-of-service attacks. An attacker could also create a malicious application to overwrite the memory with rogue data dedicated to tracing data.
Read more »
8. Iranian hackers attack exposed RDP servers to deploy Dharma ransomware
Low-skilled hackers are targeting companies in Russia, India, China and Japan. They are going after easy hits, using publicly available tools and deploying Dharma ransomware. Based on forensic artifacts, this is a non-sophisticated, financially-motivated gang that is new to cybercrime.
Read more »
9. Popular Freepik site discloses data breach impacting 8.3 million users
Freepik, the popular website that provides high-quality free photos and design graphics, has disclosed a major security breach. Freepik says that hackers were able to steal emails and password hashes for 8.3 million Freepik and Flaticon users in an SQL injection attack against the company’s Flaticon website.
Read more »
Phishing simulations & training
10. Uber’s former CSO has been charged with covering up a hack
Last week, the U.S. Department of Justice announced that Uber’s former chief security officer Joe Sullivan has been charged with obstruction of justice. Sullivan, who led Uber’s security team, has been accused of attempting to cover up a 2016 data breach, which exposed the data of 57 million Uber customers and drivers.
Read more »
In this Series
- Cybersecurity Weekly: Dark web market down, FBI finds vishing scheme, hackers pose as recruiters
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
