Cyber Bites

A scam, known as Classiscam, is leading users to fraudulent merchant sites or phishing pages using fake tailored advertisements. The Cybercriminals use brands that are extremely popular in Europe including, LeBoinCoin, Allegro, OLX, Sbazar, FAN. Courier, Lalafo, Kufar and DHL. Anyone tricked by the scam falls victim to payment data theft. Security Researchers at Group-IB watched it grow from 280 scam pages to about 3,000 in less than a year. First discovered in Russia in...

Malicious actors have hacked a number of Twitter accounts, including verified accounts, in an Elon Musk giveaway scam. Security researches MalwareHunterTeam have seen an increase in the number of verified Twitter accounts being hacked by a scam which claims that Elon Musk is giving away cryptocurrency. Accounts are compromised by replying to the giveaway tweet. The tweet contains links to a Medium article promoting the giveaway, with the article containing further links to the scams...

Priti Patel, the UK home secretary, is under fire after 150,000 police arrest records were accidentally lost from a police database last week. The lost files include DNA, arrest history records and fingerprints. As these files are now lost from the Police National Computer (PNC), essential evidence from crime scenes no longer exist which means that criminals will be able to go free for crimes they have committed. The Home Office released a statement that...

Yesterday, January 13th, users worldwide were reporting issues with the popular video chat platform. Users were automatically signed out and when attempting to log back onto their accounts they all received the same message: "We're unable to complete your request". Microsoft acknowledged the issues and began working on restoring access. "We're aware that the app is down, and our engineers are working on a fix. Apologies for any inconvenience. There's no estimated time of repair,...

On Tuesday, German authorities announced the shut down of an illegal marketplace found on the darknet. Among the products sold on the network, known as DarkMarket, were drugs, forged money, stolen or forged credit cards, anonymous mobile phone SIM cards and malware. Prosecutors stated that the large network had nearly 500,000 users, more than 2,400 vendors and had processed more than 320,000 transactions before its shutdown. As a result, more than 140 million euros (the...

Today the US Cybersecurity and Infrastructure Security Agency (CISA) have revealed that malicious actors accessed their cloud service accounts by bypassing their multi-factor authentication (MFA) protocols. The attackers had tried multiple times to breach the CISA systems using brute force attacks, and it is through that they finally defeated the MFA protocols by using a 'pass-the-cookie' attack. By using this method they were able to hijack an authenticated session by using stolen session cookies to...

QR codes are being increasingly used by businesses and venues in order to register customers to help track COVID-19 cases. As we see a rise in QR code usage, we are also seeing a rise in the number of QR code scams. Avast security is warning that individuals and businesses should be aware of the QR scams, especially in Australia. Luis Corrons from Avast Security Expert said that "we are also seeing a comeback of...

Following a data breach in December, the European Medicines Agency (EMA) today revealed, that data concerning the Pfizer/BioNTech COVID-19 vaccine, has been leaked online. Fortunately, the EMA has stated that the regulatory network remains fully functional and that any COVID-19 evaluation and approval timelines have not been affected by the breach. The stolen data includes email screenshots, EMA peer review comments, Word documents, PDFs, and PowerPoint presentations, all of which have been leaked. The agency...

Staff at the Australian National University (ANU) have been sent a warning after receiving a scam email claiming new cases of COVID-19 had been recorded on campus. Professor Jodie Bradbury sent a screenshot of the email to his colleagues alerting them of the scam, which was given the subject line "New positive positive COVID-19 cases among staffs" and included a link for the readers to follow. The event was described as a "really serious and...

Mimecast have announced that one of their authentication certificates used by Microsoft 365 Exchange Web Services has been "compromised by a sophisticated threat actor". Mimecast secure emails for customers using email services such as Microsoft 365. Users can apply Mimecast's security services to their emails by creating a connection to Mimecast’s server. The Mimecast certificate that has been compromised is used to authenticate and verify the connection made to Mimecast's Continuity Monitor, Sync and Recover,...