Cyber Bites

This weekend IObit, a Windows utility developer, was hacked resulting in strange DeroHE ransomware being distributed to a number of its forum users. IObit is a software developer that is known for anti-malware programs, such as Advanced SystemCare, and Windows system optimization. Over the weekend IObit forum members started to receive emails that were supposedly from IObit. The emails stated that forum members are entitled to a 1-year license to their software for free.

The Bitcoin value is currently experiencing a high, with 1 Bitcoin worth around $36,000. With this, researchers have recorded an increase in coinminer malware which, according to Alexander Vukcevic "exploits other people's computer resources for illegal mining activities." This type of malware runs completely undetected on a victim's computer. The aim of coinminer malware is not to steal data, but to use resources from the infected computer. These resources include the processor, graphics card, main...

The FBI released a "joint threat assessment" on Thursday detailing fears that  "Russian, Iranian and Chinese influence actors have seized the opportunity to amplify narratives in furtherance of their policy interest amid the presidential transition." Additionally, a U.S. Intelligence memo claims that a Russian "proxy" took advantage of the event to advance a conspiracy theory, claiming that anti-fascist groups (antifa for short) were, in fact, responsible for the Capitol insurrection. Russia is also suspected to...

After resolving technical issues that had affected both the mobile and web application on Friday, Signal said: "Thanks to the millions of new Signal users around the world for your patience." As a result of the discontent over WhatsApp's new Terms&Conditions, both Signal and Telegram have hugely benefited from an increase in downloads and users. The surge caused users to experience some technical issues. Many reported problems with sending messages, which lasted for several hours....

Last week, a report by the EMA disclosed that attackers had hacked into their servers and stolen data related to the BioNTech Covid-19 vaccine. Until recently, the hackers' motives had been unclear. New developments from the EMA, however, reveal that: "Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines.” The attack could have either been perpetrated by state-sponsored threat actors or hacktivists...

Singapore has recently revised its Technology Risk Management Guidelines so that they now include "strong oversight" of partnerships with third-party companies in order to maintain data confidentiality. The updated guidelines also covered stress tests and security controls, as well as appointments of senior IT executives and third-party vendors. The Technology Risk Management Guidelines have been revised due to the increasing usage of cloud technologies and application programming interfaces in financial institutions. As the use of...

A ransomware attack launched against gaming company Capcom last November keeps getting worse, threatpost reported this week. The company now says that the personal data of up to 400,000 of its customers was compromised in the attack — 40,000 more than the company originally thought. Capcom is a Japan-based publisher of blockbuster games like Resident Evil, Street Fighter and Dark Stalkers.  The breach was first detected on Nov. 2.. On Nov. 19, Capcom said its personal...

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA, BleepingComputer reported today. Although 90 days have elapsed since the vulnerability was reported and patched, BleepingComputer is not aware of a formal disclosure made by the project.Security researcher Jackson Henry of the Sakura Samurai ethical hacking group had first discovered and reported the vulnerability to Apache in early October, 2020. Although the project had acknowledged Henry's report and issued...

Julie Meadows-Keef has been arrested and charged with cyberstalking her coworker and ex-partner. Meadows-Keef has been banned from using the internet. However this excludes the use for work, paying her bills and legal defence. Following a messy divorce, restraining orders, a falsely filed sexual complaint by Meadows-Keef against Fletcher (which was dismissed), and stalking allegations, the Tallahassee city ethics officer is facing a misdemeanour charge. The report claims she sent hundreds of texts and emails...