Cyber Bites

Maze ransomware operators have infected computers from Medical Diagnostic Laboratories (MDLab) and are releasing close to 9.5GB of data stolen from infected machines. The actor also followed through with leaking another cache of files belonging to another of its victims that did not pay the ransom, Southwire wire and cable manufacturer from Carrollton, Georgia. This action was prompted by the company's refusal to pay a ransom of 200 bitcoins (a little over $1.7 million today) that...

The attackers behind the Sodinokibi Ransomware are now threatening to publish data stolen from another victim after they failed to get in touch and pay the ransom to have the data decrypted. Sodinokibi claims that this data was stolen from GEDIA Automotive Group, a German automotive supplier with production plants in Germany, China, Hungary, India, Mexico, Poland, Hungary, Spain, and the USA. GEDIA also has over 4,300 employees all around the world and it had an annual turnover of €600 million...

New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook. FTCODE, a PowerShell-based ransomware that targets Italian-language users, has added new capabilities, including the ability to swipe saved web browser and email client credentials from victims. Source: ThreatPost

Mr Bezos' phone was hacked after receiving a WhatsApp message in May 2018 that was sent from Mohammed bin Salman's personal account, according to the Guardian. A message from a phone number used by the prince has been implicated in the data breach, according to reports. The kingdom's US embassy said the stories were "absurd" and called for an investigation into them. As well as being the founder of online retail giant Amazon, Mr Bezos owns the Washington...

Search engine giant Google has removed popular Hong Kong pro-democracy mapping app WhatsGap from its app store. WhatsGap is an app used to identify retailers that are in support of Hong Kong's democracy. Google told ZDNet the removal of WhatsGap was sparked by "sensitive content" that was being published on the app. Source: ZD Net

FireEye has announced the acquisition of Texas-based Cloudvisory, hoping its new addition will boost the cloud security capabilities of FireEye Helix. The company said it would give customers with a single operations platform to monitor multi-cloud environments, hybrid-cloud firewalls, and integrate container security. "Customers need consistent visibility across their public and hybrid cloud environments, as well as containerised workloads," FireEye executive vice president of products and customer success Grady Summers said. Source: ZD Net

The code for ProtonVPN apps on all supported platforms - Android, iOS, macOS, and Windows - is now open source, the maker announces today, a move that follows a security audit from an independent party. The decision distances the service from all the other options on the market and is in line with the company's belief in ethics, transparency, and security as core values for a trusted VPN (virtual private network) provider. Source: Bleeping Computer

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port. A hacker has published a list of credentials for more than 515,000 servers, home routers and other Internet of Things (IoT) devices online on a popular hacking forum in what’s being touted as the biggest leak of Telnet passwords to date, according to a published report. Source: Threat Post  

A hacker posted a trove of Telnet credentials for more than 515,000 servers, IoT devices and routers on a hacking forum. The leaked lists, dated October and November of last year, were published by someone who runs a DDoS-for-hire service and include usernames, passwords and IP addresses, according to a report by ZDNet. The hacker, the report said, scanned the internet to find devices with exposed Telnet ports then ran factory-set credentials and as well as custom password combinations...

Betting firms have used information from a U.K. government-run educational database containing the records of 28 million children to bump up the number of youth who gamble online. The companies gained access to Learning Records Service database – which falls under the umbrellas of the U.K. Department of Education – through GB Group, which had gained access through third-party Trustopia. Training firm Trustopia reportedly had broken its agreement with the U.K. government, according to a report in...