Cyber Bites

Two men from Massachusetts were arrested and charged by the Boston U.S. District Court with stealing high-value social media accounts and hundreds of thousands worth of cryptocurrency from at least ten victims by using SIM swapping, death threats, and hacking. Eric Meiggs and Declan Harrington, the two defendants, were charged with one count of conspiracy, eight counts of wire fraud, one count of computer fraud and abuse, and one count of aggravated identity theft in an...

Scottish Widows has been accused of breaching data protection rules after it sent sensitive client information to the wrong policy holder by accident. Last month, one of Scottish Widows’ clients received a letter, seen by Financial Adviser, which included various pieces of information about another client’s pension pot. This included details such as the start date of the plan, the amount of assets held, the membership number and the level of employer contributions. Source: FT...

Researchers stressing the code related to Qualcomm's implementation of the secure execution area on mobile devices found a new vulnerability that could allow access to critical data. Top smartphone brands like Samsung, LG, or Motorola rely on Qualcomm's implementation of the Trusted Execution Environment (TEE)  based on the TrustZone technology from ARM to store and handle sensitive information in a secure area inside the main processor. TEE runs at the same time as the Android...

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Source: SC Magazine    

A silly phishing campaign is underway where the attackers state that your password will expire and be changed unless you login and confirm that you want to keep it the same. As people get better at spotting the phishing scams pretending to be shipping information, receipts, and voicemails, scammers need to come with new methods to get people to click the links in their emails. Such is the case with a new phishing email that...

A bug in the latest version of iOS opens iPhone cameras as users peruse their Facebook feeds, letting the social media giant access the cameras. “We have seen no evidence of photos or videos being uploaded due to this bug,” a spokesman told the Guardian, confirming that glitch would let the Facebook app “navigate to the camera screen adjacent to News Feed when users tapped on photos.”   Source: SC Magazine

The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to contain the problem and is now operating normally. The company did not say what type of attack transpired, but emails...

The alleged operator of a website that sold payment card numbers stolen from hacked entities was hauled into a Virginia federal courtroom yesterday after Israel extradited the defendant, despite reported efforts by Russia to prevent the prisoner from reaching American soil. Russian national Aleksei Burkov, 29, is accused of running Cardplanet, which offered visitors the opportunity to purchase from a selection of over 150,000 compromised payment cards — many belonging to U.S. citizens. The site...

A new and strange ransomware called AnteFrigus is now being distributed through malvertising that redirects users to the the RIG exploit kit. Unlike other ransomware, AnteFrigus does not target the C: drive, but only other drives commonly associated with removable devices and mapped network drives. The RIG exploit kit uses malicious scripts hosted on attacker-owned or compromised sites that exploit vulnerabilities in Internet Explorer. If these vulnerabilities can be exploited, it will then install a...

Microsoft resolved a known issue causing Microsoft Defender Advanced Threat Protection (ATP) to stop running and fail to send reporting data on some Windows devices after installing the KB4520062 optional non-security update. Some Windows 10 customers affected by the now-fixed bug also received 0xc0000409 errors in the Event Viewer on MsSense.exe according to the known issue's entry.   Source: Bleeping Computer