Spanish cops arrest four in ‘FluBot’ text hacking scheme

Police in Barcelona have arrested four hackers suspected to be behind a massive criminal scheme which has targeted tens of thousands of victims with malicious links impersonating banks in order to steal victims’ credentials and money. In the raid, which took place March 2, the police collected laptops, cash, documents, and other high-end mobile devices, the Criminal Investigation Division of the Barcelona Metropolitan Police Region said in an announcement. The scammers’ plot included sending bad links through SMS messages to victims, which, if clicked, would direct targets to fake pages imitating banking pages or mobile operators, where the hackers would then steal victims’ credentials and duplicate the victims’ SIM cards to take control of the victims’ phones, according to the release. The attacker-controlled sites were hosted on servers located in the Cayman Islands, according to law enforcement. The hackers would then make fraudulent money transfers with their newfound access and […]

The post Spanish cops arrest four in ‘FluBot’ text hacking scheme appeared first on CyberScoop.


Victims of Microsoft Exchange Server zero-days emerge

The list of victims potentially affected by Microsoft zero-day flaws is growing by the day. The email systems of the city of Prague and the Czech Republic’s Labour Ministry have been impacted in recent days in hacking incidents, government officials said Thursday. The Czech Office for Cyber and Information Security confirmed it is responding to attacks caused by the zero-days, while Norway’s National Security Authority also warned victims were cropping up in Norway earlier this week. The steady flow of announcements of email hacking should come as no surprise after the Department of Homeland Security’s cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), warned of the “likelihood of widespread exploitation” of vulnerabilities that Microsoft revealed earlier this week. The effort appears to be an espionage operation run by a Chinese state-sponsored group interested in accessing email accounts and targeting victims with malware in order to establish long-term data collection capabilities, […]

The post Victims of Microsoft Exchange Server zero-days emerge appeared first on CyberScoop.


Army warns of QR code scams amid pandemic

Quick response codes, or QR codes, may be easy and convenient to use to read menus at restaurants during the pandemic or to enable touch-free mobile payments, but the Army now warns that criminals can exploit QR codes to connect phones to run scams. When smartphones scan a QR code, which is made up of black and white dots arranged in a square, the code will typically open up a browser or enable a payment to a business. Users should also be wary of cybercriminals who may try to use QR codes to steal users’ money, the Army Criminal Investigation Command’s Major Cybercrime Unit said in the alert, issued earlier this week. Scams could also include connecting devices that scan QR codes to a malicious network and sending texts or making calls to users’ contacts or adding malicious contacts to the contact list, the Army alert warned. Eighty-four […]

The post Army warns of QR code scams amid pandemic appeared first on CyberScoop.


Far-right misinformation on Facebook outranks real news

Far-right misinformation shared on Facebook surrounding the 2020 presidential election received more engagement than real news, according to research published by New York University Wednesday. “Far-right sources designated as spreaders of misinformation had an average of 426 interactions per thousand followers per week, while non-misinformation sources had an average of 259 weekly interactions per thousand followers,” the researchers said in a blog post on their findings. Overall, misinformation authors on the far right received 65% more engagement per follower than other pages, according to the research. Real news was more popular than misinformation in every other partisan news category examined, according to the study — for the slightly right, center, slightly left and far left, real news outranked misinformation on Facebook. Misinformation outranked real news only on the far right, according to the research. The NYU researchers analyzed posts between August 10 of last year and January 11 of this […]

The post Far-right misinformation on Facebook outranks real news appeared first on CyberScoop.


Ryuk ransomware develops worm-like capabilities, France warns

A new sample of Ryuk ransomware appears to have worm-like capabilities, according to an analysis from the French National Agency for the Security of Information Systems (ANSSI), France’s national cybersecurity agency. With such worm-like self-replicating capabilities, Ryuk, one of the most prolific strains of ransomware in the world, can spread from machine to machine without any human interaction. The development presents yet another challenge for security-minded researchers and law enforcement authorities already trying to grapple with the scourge of ransomware attacks pummeling international networks. Ryuk hackers have previously leveraged other methods to spread through the networks they target, and have not previously had the ability to move laterally in a network, according to previous research from the U.K.’s National Cyber Security Centre. ANSSI found the sample with the new capability earlier this year, the analysis states. The disclosure of the discovery comes weeks after law enforcement entities from multiple countries […]

The post Ryuk ransomware develops worm-like capabilities, France warns appeared first on CyberScoop.


Number of investigations into SolarWinds breach grows, along with cleanup cost

SolarWinds, the federal contractor breached by suspected Russian hackers, acknowledged investigations and inquiries from the Securities and Exchange Commission, the Department of Justice and several state attorneys general, in a filing on Monday. The Texas-based company disclosed the investigations, which include inquiries related to the European Union’s General Data Protection Regulation, in its annual report to investors Monday. The company noted it expects to face significant costs from the various investigations. Executives previously suggested that SolarWinds would pay $20 to $25 million in security-related expenditures to resolve the incident. SolarWinds did not describe the exact reasons for the investigations in the filing. The disclosure is the latest indication, though, that SolarWinds will be dealing with the fallout of a suspected Russian espionage campaign, which undermined one of the company’s software updates with malicious code to breach nine U.S. government agencies, for months. “Numerous domestic and foreign governmental authorities are investigating […]

The post Number of investigations into SolarWinds breach grows, along with cleanup cost appeared first on CyberScoop.


Suspected China-linked hackers targeted India’s energy sector, research suggests

A hacking group with suspected ties to China has been targeting entities in the power generation and distribution sector in India, according to Recorded Future research published Sunday. The group, which Recorded Future is calling “RedEcho,” has targeted 10 power sector organizations in India since mid-2020, including four of five regional load dispatch centers that balance electricity supply and demand, according to the research. The attackers have also targeted at least two Indian seaports, Recorded Future says. RedEcho has targeted Indian energy assets using command and control infrastructure linked with a malware known as ShadowPad, which has been linked with several suspected Chinese government-connected hacking groups. The identity of the hackers behind RedEcho is unclear. Infrastructure and targeting activity that Recorded Future observed, though, overlaps with a China-linked group called APT41, analysts said. The group, which has previously used ShadowPad malware, has ties to China’s civilian intelligence agency, the Ministry […]

The post Suspected China-linked hackers targeted India’s energy sector, research suggests appeared first on CyberScoop.


Microsoft shares tool to hunt for compromise in SolarWinds breach

Microsoft is offering up the tool it used to track down potential indicators of compromise in the sweeping SolarWinds breach, the company announced Thursday. Microsoft is releasing the so-called CodeQL queries it used to investigate its source code, in an effort to help other organizations mitigate the risk from the cascading cyber-espionage campaign involving a breach at the U.S. federal contractor SolarWinds. Microsoft is aiming to help firms pinpoint code-level indicators of compromise (IoCs), Microsoft’s Security Team said in a blog. By digging into their own code, organizations can assess if they have been compromised by the hack, in which suspected Russian hackers laced malicious software in a SolarWinds product’s software update, Microsoft said. The company has described the campaign as “Solorigate.” “A key aspect of the Solorigate attack is the supply chain compromise that allowed the attacker to modify binaries in SolarWinds’ Orion product,” the blog post said. “These […]

The post Microsoft shares tool to hunt for compromise in SolarWinds breach appeared first on CyberScoop.


Vietnamese hackers spent years harassing human rights activists with spyware

For the past several years a Vietnamese hacking group best known for its attacks on the auto sector has been targeting activists and non-governmental organizations with spyware, according to an Amnesty International investigation published Wednesday. The suspected government-linked hackers, known as OceanLotus or APT32, specifically targeted pro-democracy activist Bui Thanh Hieu, who writes about human rights and economic justice, with spyware on four occasions between February 2018 and December 2019, according to the investigation. The same group launched spyware against a blogger, who has written on a violent police clash in Vietnam in 2009, three times between July and November of last year. Bui Thanh Hieu has been exiled in Germany since 2013. Amnesty did not identify the blogger out of concern for their safety. The hackers also went after the Vietnamese Overseas Initiative for Conscience Empowerment (VOICE), which works on behalf of Vietnamese refugees resettling, in April of 2020. […]

The post Vietnamese hackers spent years harassing human rights activists with spyware appeared first on CyberScoop.


Twitter scrubs accounts tied to Russian, Iranian influence operations

Twitter has taken action against a slew of state-linked influence operations run from Russia, Iran and Armenia in recent days, the company announced Tuesday. One Russian influence operation, believed to be run by state actors, shared information that aligned with the Russian government’s goals and which sought to undermine the North Atlantic Treaty Organization, according to a Twitter blog post. Another Russian campaign appears to have links with the government-run troll farm that interfered in the 2016 presidential elections in the U.S. The takedown of these efforts in recent days is emblematic of a pernicious threat that social media companies face in trying to establish ground truth on their platforms. Twitter has been working for years to oust manipulative influence operations from its platform, and while it has seen some success, it continuously runs into repeat offenders who spread disinformation, including in the case of the Kremlin-linked troll farm known […]

The post Twitter scrubs accounts tied to Russian, Iranian influence operations appeared first on CyberScoop.
