Cyber Bites

Ticketmaster has just received a $10 million fine after one of their staff admitted to hacking into their competitor's systems in order to affect their presale ticket business. It has been reported that a Ticketmaster employee repeatedly infiltrated their competitor's computers in order to restrict their presale ticket business. It appears that a former employee of the victim firm joined Ticketmaster in 2012 and brought with them confidential information which allowed Ticketmaster to disrupt their...

A data breach broker has stolen the user records from twenty-six companies and is selling them on a hacker forum. Last Friday the hacker began to sell the 368.8 million stolen records on a hacker forum, with prices ranging from $1,800 to $4,000 depending on the company that the data was stolen from. Eight of the twenty-six companies involved in the breach have not been previously disclosed, including Anyvan.com, MyON.com, Chqbook.com and Sitepoint.com.  

In December T-Mobile suffered a security breach which could have possibly exposed customers' phone numbers and call-related information. Fortunately, T-Mobile confirmed that only 0.2 per cent of their users were affected and that the information exposed in the breach did not include customers' names, financial data, credit card information, tax IDs, PINs, addresses or Social Security numbers. Although only 0.2 per cent of their users were affected, this still means that 200,000 customers have had...

RESEARCHERS FROM IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days, reported WIRED. The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 emulators to mimic more than 16,000 phones belonging to customers whose mobile bank accounts had been compromised. In a separate...

The US Department of Energy, who is responsible for managing nuclear weapons, have been victim to a hacking campaign, thought to be executed by Russian hackers. A spokesperson for the department has confirmed that they are responding to the breach, and they have also said the security of the nuclear weapons are unaffected. "At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the...

Cybercriminals have been distributing fake Android and Windows installers for Cyberpunk 2077 which installs ransomware called CoderWare onto devices. Malicious actors are distributing the game through installers, cracks for copyrighted software, and cheats. A Kaspersky analyst discovered the Android ransomware which was disguised as a mobile version of Cyberpunk 2077. The game was being distributed on fake websites that were impersonating the Google Play Store. It was reported that the ransomware was using hardcoded keys,...

Coronavirus vaccines have been found for sale on the internet just days are the shot was first approved. One of the vaccines for offer was discovered by the cybersecurity company Check Point Software. The vaccines were priced at $250 with the vendor promising for fast and stealth-like delivers with double packaging and a courier delivery service for +$20. The advertisement was accompanied by a stock photo which didn't correspond with the vaccines on the market....

Microsoft has said that they have identified over 40 customers who were affected by the SolarWinds hack. These customers were affected as they installed trojanized versions of the SolarWinds Orion platform. Microsoft used their Microsoft Defender antivirus product, a built-in antivirus product for all Windows devices, to disorder the intrusions on their clients' devices. Brad Smith, President of Microsoft, said that they are now notifying anyone who was impacted, with 80% of those affected being located...

Research has revealed that in recent months hundreds of attempts of SystemBC deployments have been made globally by the ransomware groups Egregor and Ryku. Commodity malware backdoor SystemBC is now able to automate a range of key activities, while also being able to use the anonymizing platform, Tor. These new evolutions in SystemBC will make it easier for malicious actors to deploy the backdoor, while simultaneously disguising the destination of the command-and-control (C2) traffic.

The US Federal Bureau of Investigations (FBI) reports that they are aware of a number of incidents in which the DoppelPaymer ransomware gang has begun to cold-calling victims who have not paid their ransoms, in order to intimidate them into paying the demands. The FBI has said in a PIN (private industry notification) alert that these incidents have been taking place since February 2020. The alert notified the US private sector that this method of...