Cyber Bites

GoDaddy on Tuesday reported an October data breach to Californian authorities, stating that an unauthorised individual was able to access SSH accounts used in its hosting environment. "We have no evidence that any files were added or modified on your account," the company said while omitting evidence that files could have been viewed and exfiltrated. "The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment. "GoDaddy...

Security researchers say they've discovered yet another strain of malware that was specifically built to infect Linux-based servers and smart Internet of Things (IoT) devices, and then abuse these systems to launch DDoS attacks. Named Kaiji, this new malware was spotted last week by a security researcher named MalwareMustDie and the team at Intezer Labs. The malware is very different from other IoT malware strains, primarily because it's written in the Go programming language, rather...

 A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. Tokopedia is Indonesia's largest online store, with 4,700 employees and over 90 million active users. This weekend, data breach monitoring and cybersecurity intelligence firm Under the Breach discovered that a hacker was offering the account information for 15...

Privacy experts have blasted the home affairs department for a data breach revealing the personal details of 774,000 migrants and people aspiring to migrate to Australia, including partial names and the outcome of applications. At a time the federal government is asking Australians to trust the security of data collected by its Covid-Safe contact tracing app, privacy experts are appalled by the breach, which they say is just the latest in a long line of...

Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins. A convincing cyberattack that impersonates notifications from Microsoft Teams in order to steal the Office 365 credentials of employees is making the rounds, according to researchers. Two separate attacks have targeted as many as 50,000 different Teams users, according to findings from Abnormal Security. The news comes as the U.S. Department of Homeland Security’s Cybersecurity...

The European Union (EU) has urged cybercriminals to halt all malicious activity exploiting the global Covid-19 pandemic. The EU’s High Representative, Josep Borrell, singled out attacks on “critical infrastructures that are essential to managing this crisis” as particularly egregious in a press release issued yesterday (April 30). He noted the proliferation of “malware distribution campaigns, scanning activities and distributed denial-of-service (DDoS) attacks” since the outbreak. “All perpetrators must immediately refrain from conducting such irresponsible and...

Popular open-source blogging platform with more than 2 million installs confirms it has been hacked. Although most people tend to immediately think of WordPress when asked to name a blogging platform, it certainly isn't the only player in town. The self-proclaimed "world's most popular modern open-source publishing platform," Ghost, includes big-name customers such as Mozilla, NASA, and DuckDuckGo among its 750,000 registered users, according to its website. In the last week alone, Ghost users, including...

The team behind the ransomware, first spotted in late 2014 and typically targeting Russian victims, apologized to victims in a post on GitHub. The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User “shade-team” posted four files on the code repository earlier this week, one containing the file keys and four “ReadMe” files with decryption instructions and other...

 Ransomware has emerged as one of the top threats facing large organizations over the past few years, with researchers reporting a more than a fourfold increase in detections last year. A recent infection by a fairly new strain called LockBit explains why: after it ransacked one company’s poorly secured network in a matter of hours, leaders had no viable choice other than to pay the ransom. A report published by McAfee documents the effectiveness of...

A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today. The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies active across other verticals as well. PerSwaysion operations were not sophisticated, but have been extremely successful, nonetheless. Group-IB says the hackers didn't use...