Cyber Bites

Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. Between August 30 and October 5 last year, operators of the 'Aaron Smith' sextortion email campaigns made almost 150,000 in bitcoin (~23 BTC) from victims. Since the beginning of 2019, profits decreased to about $17,000 (~3.5 BTC).Source: Bleeping Computer

The Lazarus Group hacking operation, thought to be controlled by the North Korean government, has a new malware toy to pitch at potential targets and the US is getting worried about it. This according to a report from US-Cert, which say that the group (also known as "Hidden Cobra") has a new piece of spyware capable of securely connecting to a control server and uploading pilfered files from infected machine. Known as "Hoplight," the malware...

Email automation and delivery service Mailgun was one of the many companies that have been hacked as part of a massive coordinated attack against WordPress sites. The attacks exploited an unpatched cross-site scripting (XSS) vulnerability in a WordPress plugin named Yuzo Related Posts. The vulnerability allowed hackers to inject code in vulnerable sites, which they later used to redirect incoming visitors to all sorts of nasties, such as tech support scams, sites peddling malware-laced software...

Two-thirds of hotel websites inadvertently leak guests’ personal data to third-party companies and leave customers vulnerable to hackers, a new report has revealed. Research by cyber security firm Symantec has found the majority of hotels use booking systems that could allow scammers to access information such as mobile phone numbers and passport details. The report found confirmation emails sent to customers often contain an unsecured direct link to their booking, meaning anyone on the same...

Security researchers discovered new vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. According to a press release from the Wi-Fi Alliance, the devices impacted by these security vulnerabilities in the WPA3 Wi-Fi standard "allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable...

The Home Office has apologised to hundreds of EU citizens seeking settled status in the UK after accidentally sharing their details. It blamed an "administrative error" for sending an email that revealed 240 personal email addresses - a likely breach of the Data Protection Act. The department may now have to make an apology in Parliament. In a statement to BBC Radio 4's Today programme, it said it had since improved its systems and procedures....

A cyber espionage group believed to be out of Iran and known for targeting telecommunications providers and government bodies in the Middle East has added to its arsenal malware for targeting Android devices. The so-called MuddyWater hacking group, which has been in action since at least 2017, also has created new backdoor malware for spying on its targets, and has been spotted employing false flag tactics to throw off researchers and investigators, according to security...

Security researchers have discovered three vulnerabilities in a popular Verizon Fios router model that could have allowed hackers to take full control of the device. The flaws, discovered by researchers at cybersecurity firm Tenable, affect Verizon's Fios Quantum Gateway router, which is used by millions of customers of the telecommunications giant.  Verizon patched the bug in its latest software update after researchers tipped them off to the flaws in December.   Source: Daily Mail

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility. FireEye researchers say the unnamed “critical infrastructure” facility was the latest victim of the powerful Triton malware, the umbrella term for a series of malicious custom components used to launched directed attacks. Triton,  previously linked to the Russian government, is designed to burrow into a target’s networks and sabotage...

Zain Qaiser, a member of an organized Russian-speaking cyber gang, responsible for "one of the most successful and closely guarded pieces of malicious software ever developed by the cybercrime community," was jailed for more than six years in the U.K. on Tuesday. In the U.S., both the FBI and Secret Service have also made arrests "in relation to this global malware campaign." The campaign targeted users of porn sites in more than 20 countries, placing...