Cyber Bites

MyFreeCams is an adult video chat platform which provides free access to chat rooms with models, as well as paid services. A hacker has claimed that they have accessed MyFreeCams' database using a SQL injection attack. After gaining access to the platform's database the hacker stolen 2 million paying users' emails, usernames, and plain text passwords. This week the hacker has offered to sell 10,000 recorders from the MyFreeCams' database for $1,500 in Bitcoin, claiming...

All Social Media platforms need to do more to properly monitor their platforms for any activity that may involve extremist groups or conspiracy theories. New rules have been set out, indicating how social media firms should moderate their content. Facebook claims it had removed 30,000 pages, events and groups related to what it called "militarised social movements". Monika Bickert, Facebook's vice president of global policy management stated: "We have a 24-hour operation centre where we...

Two top national security nominees, Retired Army Gen. Lloyd Austin and Avril Haines, have advocated for stronger federal cybersecurity following a supply chain breach that affected several federal agencies. If these nominees are confirmed, they will begin their jobs in the middle of the damage assessment process. The attack has been attributed to Russian hackers, who presumably got access through the SolarWinds breach. Austin made a statement, declaring that: “We must elevate cybersecurity as an...

Check Point Research published a blog post on Thursday, explaining the phishing campaign, in which stolen information was discarded on WordPress domains. The attackers had been targeting the construction and energy sectors. The attack began with a fraudulent email template, mimicking Xerox/Xeros scan notifications, along with the victim's name in the title or subject line. The messages originated from a Linux server and were sent through PHP mailer and 1&1 email servers. The hackers included...

A report from the Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC), and Microsoft Cyber Defence Operations Center (CDOC) details how the SolarWinds hackers managed to remain undetected for so long. The report discloses new details including the steps and tools used to deploy the custom Cobalt Strike loaders (Teardrop, Raindrop, etc.) after the hackers dropped the Solorigate (Sunburst) DLL backdoor. It was revealed that: "During our in-depth analysis of the attacker’s tactics, techniques,...

For the past few years, a Chinese hacking group has been targeting the airline industry to obtain passenger data. Their goal was to track the movement of person of interest. The threat actor responsible has been given the name Chimera.  The groups activities were first reported in 2020, and are thought to be nation state actors. The NCC Group and Fox-IT compiled a report, which was published last week, that claims the intrusions are broader than...

SolarWinds attackers managed to gain access to internal emails via a different intrusion vector. This was confirmed by Malwarebytes, who stated that a second threat vector was used to infiltrate private emails with the use of password guessing or spraying and/or exploiting admin or service credentials. The vendor reported suspicious activity on December 15 and linked it to the same threat actor involved in the SolarWinds attacks. “The investigation indicates the attackers leveraged a dormant...

New research by the Ponemon Institute and Keeper Security has found that 70% of the UK's financial sector has experienced a cyber-attack in 2020. The researchers have warned that this increase in the rate of attacks could result in “disastrous consequences” if action is not taken. The report has also found that 59% of these attacks were made more likely due to the acceleration in remote working due to the pandemic, as the workforce is...

1.4 million Pixlr user records have been leaked online to a hacker forum. The user records contain information that can be used by malicious actors to carry out credential stuffing and targeted phishing attacks. The hacker known as ShinyHunters shared the user record database for free to the hacker forum, claiming that the data was stolen from 123rf, whos parent company Inmagine also owns Pixlr. In their post ShinyHunters said that they stole the database...

The Federal Bureau of Investigation (FBI) has released a warning to notify people of the ongoing vishing attacks which are attempting to steal corporate accounts, as well as the account's credentials, in order to gain network access and privileges from both US and international-based staff. The FBI PIN says, "during COVID-19 shelter-in-place and social distancing orders, many companies had to quickly adapt to changing environments and technology." It goes on to read, "with these restrictions,...