Cyber Bites

An anonymous threat actor is selling several databases which they claim contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approx. $195,000). The announcement was posted on a hacker forum by a user with the handle 'China Dan,' saying that the information was leaked from the Shanghai National police (SHGA) database. The information they shared about the allegedly stolen data suggests that these databases contain Chinese national...

The Netherlands Maastricht University has announced that an extended investigation into a ransomware attack in 2019 has finally resulted in the seizure of €500,000. Yet, what is remarkable is that Maastricht University only paid out €200,000 originally. In 2019 Maastricht University was hit by a wave of malware which paralyzed the campus. The attack prevented staff and students from accessing research data, email, or library resources. With no other immediate options open to them, the...

NATO has announced plans to develop virtual rapid response capabilities "to respond to significant malicious cyber activities." These plans were published in a declaration made following the NATO Summit in Madrid, last week. The latest summit was significant in light of Russia's invasion of Ukraine earlier this year, amid fears of the conflict spreading further. Referring to the invasion, the declaration stated: “We, the Heads of State and Government of the North Atlantic Alliance, have...

HackerOne, a vulnerability coordination and bug bounty platform, announced that a former employee of theirs had used their access to sensitive information regarding the vulnerabilities of clients to turn a quick profit. The unnamed individual’s system access was terminated just 24 hours after a tip off from a customer revealed they had “improperly accessed information in clear violation of our values, our culture, our policies, and our employment contracts.” The employee appeared to have contacted...

Following concerns that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, TikTok sought to assure U.S. lawmakers that it's taking steps to "strengthen data security." The admission that some China-based employees can access information from U.S. users came in a letter sent to nine senators. The letter said that the procedure requires the individuals to clear numerous internal security protocols. First reported by The New York...

Reportedly, CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. Used by a TA to get clicks on ads, the module has hidden desktop takeover capabilities. The post on the English-speaking forum was spotted by CloudSEK on...

Microsoft's Security Intelligence team have issued a new warning against a known cloud threat actor group. Active since early 2017 and tracked as 8220, the group have now updated its malware toolset to breach Linux servers to install crypto miners as part of a long-running campaign. On Thursday, Microsoft wrote in a Twitter thread, “the updates include the deployment of new versions of a cryptominer and an IRC bot, as well the use of an...

Publishing firm Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred on Saturday 25th June, with the company shutting down all their IT systems to prevent further spread. Publishers Weekly first reported on the incident, having seen emails from Macmillan that stated they suffered a "security incident, which involves the encryption of certain files on our network."...

Yesterday, a man was arrested in Los Angeles on suspicion of masterminding a multi-million dollar investment fraud scheme that tricked over 10,000 victims. Neil Chandran, 50, from Las Vegas, was charged with three counts of wire fraud and two counts of engaging in monetary transactions in criminally derived property. Chandran owned several technology companies that marketed themselves to investors, according to the Department of Justice (DoJ), as promising high returns on the basis that they...

Early this week, an ex-Canadian government employee pleaded guilty in a Florida court to charges of involvement with the NetWalker ransomware group. Sebastien Vachon-Desjardins, 34, was accused of conspiracy to commit computer fraud and wire fraud, as well as intentional damage to a protected computer and transmitting a demand concerning damaging a protected computer. In January, a US global action was launched against the NetWalker cyber-criminal gang. Vachon-Desjardins was extradited in March. In February, Justice...