Several members of the Conti ransomware group are targeting Ukraine with cyberattacks. There are at least five tracked hacking campaigns.

More:
- The hacking campaign was reported by Google's Threat Analysis Group.
- This breach was facilitated by UAC-0098, another threat actor.
- One of the security flaws used to hack targets is CVE-2022-30190. This flaw is tracked as Follina and affects Windows devices.
- Through this flaw, hackers have deployed tools such as CobaltStrike against Ukrainian government agencies and media organizations.
- Besides Ukraine, UAC-0098 has hacked other targets, including a hotel in India and NGOs in Italy.
- In addition to ransomware, Conti group members have also used a phishing tool known as AnchorMail as a threat vector to carry out their cyberattacks.

A website that sold stolen credit cards named WT1SHOP has been taken down. The operation was coordinated between U.S. and Portuguese law enforcement authorities.

More:
- The website was accessed through four domains:
  - wt1shop(.)net,
  - wt1store(.)cc,
  - wt1store(.)com, and
  - wt1store(.)net
- Hackers managed to steal 5.85 million personal records, including:
  - 25,000 driver's licenses and passports,
  - 1.7 million log-in credentials for shops,
  - 108,000 bank accounts, and
  - 21,000 credit cards.
- In addition to seizing the domains, the United States Department of Justice has charged a 36-year-old Moldovan national with running the illegal marketplace and trafficking in unauthorized devices. The DOJ was able to track several emails, PayPal accounts, and BTC addresses to him.
- If charged, the 36-year-old man could face 10 years in prison.

Albania has cut its diplomatic ties with Iran due to a recent cyberattack. The country has given Iran's diplomats 24 hours to leave the country.

More:
- The announcement was made by Albanian Prime Minister Edi Rama.
- Rama stated that the Albanian government has undeniable proof that Iran-backed threat actors are the ones that carried out a cyberattack that disrupted the country's entire digital infrastructure.
- Threat actors breached E-Albania, an online system where citizens can register for health checkups, car insurance, passport controls, etc. The hackers used Roadsweep, a new form of ransomware tracked by researchers.
- This cyberattack was deployed by sending infected Excel and Word files that were opened by the targets.
- The attack has been condemned by the U.S. National Security Council, which called it reckless.

Cybersecurity startup Upwind has raised a $28M Seed round. The company is still in stealth mode.

More:
- Investors in the round include Greylock, Gili Raanan Cyberstarts, Leaders VC, etc.
- Upwind is led by the founding team that launched Spot.io. The latter was acquired for $450M two years ago.
- Spot.io had offices in multiple locations, such as Tel Aviv, London, and San Francisco. The company provided solutions for companies that wanted better security data for their cloud infrastructure.

North Korean hacker group Lazarus Group is using a new malware variant named MagicRAT. The malware has been used against victims affected by the VMware breach.

More:
- Researchers believe the cyberattack may have been carried out by one of the group's spin-off branches.
- MagicRAT is written in C++ and is characterized by its ability to bypass security protocols and commercial antivirus software. This feature falls in line with the group's typical method of using hacking campaigns as cyber espionage tools to steal data.
- Besides a new malware form, the group is also using this attack to breach its victims with a new variant of the Tiger Remote Access Trojan.
- This spyware can take screenshots, log keystrokes, and harvest system information.

Quick Hits:
- Japan's government has been hit by a cyberattack. Researchers believe that the Russian-backed group Killnet may be behind the attack.
- Financial companies in the Ivory Coast, Morocco, Cameroon, Senegal, and Togo have been hit by a malware attack. Researchers, who are tracking it as DangerousSavanna, have been unable to link it to a threat actor so far.
- The FBI has released a new cyber security advisory statement regarding a threat actor known as Vice Society.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.