Cyber Bites

Research carried out by Check Point Research (CPR) has revealed that LinkedIn is the most impersonated brand for phishing attacks. In its 2022 Q1 Brand Phishing Report, CPR revealed that phishing attacks impersonating LinkedIn made up 52% of all attempts globally in the first quarter of 2022. This is a 44% increase when compared to Q4 2021, during which LinkedIn was the fifth most impersonated brand. ollowing LinkedIn, the most frequently impersonated brands in phishing...

The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation and the Treasury Department have all warned of new, ongoing attacks targeting blockchain companies, carried out by the Lazarus Group. The activity cluster has been dubbed TraderTraitor, involving the North Korean state-sponsored advanced persistent threat (APT) actor striking entities operating in the Web 3.0 industry since at least 2020. Lazarus Group typically targets cryptocurrency exchanges, decentralised finance (DeFi) protocols, play-to-earn cryptocurrency video...

The UK Prime Minister's Office has been targeted by Pegasus spyware over the past two years. Citizen Lab, a Canadian non-profit, has been tracking the use of the spyware, produced by Israel's NSO group, in recent years. NSO Group is being sued by WhatsApp and Apple as their customers were targeted by the covert malware. It also emerged last year that the iPhones of nine US State Department officials were compromised by the spyware. Citizen Lab revealed...

A global consortium of cybersecurity companies have collaborated with Microsoft to disrupt the Zloader botnet. The operation succeeded in seizing control of 65 domains used to control and communicate with infected hosts. "ZLoader is made up of computing devices in businesses, hospitals, schools, and homes around the world and is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money," Amy Hogan-Burney, general manager...

Nordex Group, a major German wind turbine manufacturer, suffered a cyberattack on the 31 March 2022. According to Nordex, the attack was discovered early by IT security teams, who reacted quickly. The company has announced that IT systems across multiple locations and business units were shut down as part of their response protocols. The company has said in a statement: "Nordex turbines continued operating without restrictions and wind farm communication with grid operators and energy...

Authorities in Pinellas Park, Florida have arrested 27-year old Aaron Daniel Motta after he allegedly stole a client's Trezor hardware wallet and its password while providing security assistance. Motta is a "certified ethical hacker", and has been charged with grand theft and other computer offenses. The accused is currently self employed and owns Motta Management and Mitigation Services, alongside actively participating in Apple's bug bounty program. Motta was taken to Pinellas County Jail on April...

RaidForums, one of the world's largest hacking forums, has been raided and taken down by an international law enforcement operation. The forum was notorious for selling access to stolen personal information. The operation, dubbed "Tourniquet", involved authorities from the US, UK, Sweden, Portugal and Romania. The investigation culminated in the arrest of the forum's administrator last month at his home in Croydon, England. The three confiscated domains associated with the illicit marketplace include "raidforumscom," "Rfws,"...

The Cybersecurity and Infrastructure Security Agency has warned of Russian state actors exploiting a bug impacting WatchGuard Firebox and XTM firewall appliances. Sandworm, a Russian-sponsored hacking group, believed to be part of the GRU Russian military intelligence agency, reportedly exploited the high severity privilege escalation flaw (CVE-2022-23176) to develop a new botnet, dubbed "Cyclops Blink", out of WatchGuard Small Office/Home Office (SOHO) network devices. CISA has rated the bug with a critical threat level, explaining...

Several senior European Union (EU) officials were reportedly targeted with Pegasus spyware last year. Among those targeted were European Justice Commissioner Didier Reynders and at least four other commission staff. Reuters has said that it was notified of the claims by two EU officials and documentation it had reviewed. The EU commission reportedly became aware of staff being targeted by Pegasus spyware in November 2021, when tech giant Apple distributed mass messages warning recipients that...

2021 saw victims of Remote Access Tool (RAT)scams lost £58m in 2021, official UK police figures show. RAT scams involve scammers taking control of a victims device, typically in order to access bank accounts. Some 20,144 victims fell for this type of scam in 2021, averaging around £2800 stolen per incident. Typically, RAT attacks begin with a victim being inundated with pop-ups claiming there is a problem with the computer. Users are often then asked...