A member of the Lapsus$ hacker group has been arrested in Brazil. The arrested individual is reportedly believed to be a teenager.

More:
- The arrested person is believed to be a young male. He was found in the northeast part of Brazil, specifically in Feira de Santana.
- Brazilian law authorities stated that this operation is related to a breach of the country's Ministry of Health that led to massive data theft.
- The police operation is believed to have begun in August 2022, culminating in yesterday's arrest.
- The cyberattack, which happened in 2021, left millions of Brazilian citizens without their COVID-19 vaccination certificates temporarily.

Zoom Out:
- Lapsus$ hacker group is infamous for numerous hacking campaigns. Two group members were arrested in March of this year, including a 16-year-old located in England.
- The group has breached companies such as Rockstar Games, Nokia, Samsung, NVIDIA, Microsoft, etc.
- In some cases, such as the NVIDIA breach, the group stole terabytes of data and immediately proceeded to make unusual demands that were not financially or politically related.
- The threat actor breached the search engine Bing in early 2022, leading to a public statement by Microsoft.

Dangerous apps with over 20 million downloads have been removed from the Google Play Store. The apps used clicker malware as a vector.

More:
- Hackers hid the malware in seemingly harmless apps such as Flashlight, QR readers, the Camera app, etc.
- Clicker malware starts retrieving crawl URL information via FCM messages in the background after a certain period of time without user permission. The action may drain the device's battery initially.
- The malware aims to generate illegal advertising revenue; the traffic redirection heavily increases the mobile data the device uses.
- This results in the victim's device visiting websites without their knowledge while someone else capitalizes on the ad revenue from those visits.
- A total of 16 apps were removed from the Google Play Store.
- The security flaw was found by the security research company McAfee.

Zoom Out:
- A few weeks ago, Google, Samsung, and Huawei warned their users to remove apps that contained malware named Harly. The malware signed up its victims for expensive subscriptions without their permission.
- Security researchers recently listed over 400 apps that pose a threat to Android and iOS users.

Iranian hackers are trying to spy on users through a fake translation app that spreads an Android malware tracked as FurBall. The threat actor responsible for the campaign is believed to be Domestic Kitten.

More:
- The campaign is believed to have been active since June 2021. Most of the code is similar to its previous versions, but the group seems to have changed some class and method names, strings, logs, and server URIs.
- Initially, the malware is only capable of stealing contacts, but this limited feature may be a way to hide the threat actor's full intentions.
- If the victim gives the malicious app permission to access other content, such as media, the malware may be able to steal that information too.
- The app can also receive commands that lead it to take photos and videos, steal SMS messages, etc.
- This malicious Android application is delivered via a fake website that pretends to provide articles and books translated from English to Persian. The app is not available on the Play Store but instead is downloaded directly from the threat actors' server.
- Domestic Kitten, also tracked as APT-C-50, is an Iranian threat actor that has been previously involved in hacking campaigns targeting actors in the Middle East.

Zoom Out:
- Iranian hackers have intensified their campaigns recently.
- The government of Albania accused Iran of backing threat actors that hacked its entire digital infrastructure, named E-Albania.
- The system had to be shut down, while the threat actor managed to steal and leak data.
- They had reportedly had access for 14 months before Albanian authorities realized the breach had happened.
- Only days later, hackers shut down TIMS, the country's border patrol software used in airports and land borders.
- The hack sparked serious diplomatic action, as Albania cut all diplomatic ties with Iran and expelled its diplomats.
- NATO and U.S. authorities denounced the attack and sent staff to help the Albanian government recover its data.

Netherlands-based cybersecurity company Guardey has raised a $2.1M growth funding round. The company provides defense services for small businesses.

More:
- The round was led by unnamed investors located in the Netherlands.
- Guardey has developed proprietary software that enables its clients to log in to a VPN service that encrypts their internet connection regardless of their location or device.
- By providing this service, the company hopes to reduce the time it takes SMEs to realize that they've been compromised, claiming that, on average, this time today is 280 days.
- Guardey claims it has thousands of clients who use its software.
- The company's founders previously worked on the first Dutch VPN ever.

Zoom Out:
- According to reports, 45% of Dutch companies have reported being hit by a cyberattack in 2022, up from 21% in 2021.

Security startup Third Wave Innovations has raised a Series A funding round. The amount is undisclosed.

More:
- The Series A funding round was led by Socii Capital.
- Third Wave Innovations, also known as RSC Secure, is based in Frisco, Texas.
- The company offers a range of services, such as pen testing, 24/7 desk help, security awareness training, email security, patch management, data collection, data visualization, etc.
- Third Wave Innovations aims to use the funds for expansion and new product development.

Quick Hits:
- The TSA has announced its new cybersecurity requirements for all passenger and freight carriers. The long list of new directives is based on a recent legislation push from the Biden administration to strengthen cybersecurity in the U.S. and its federal agencies.
- Compensation for cybersecurity executives in the U.S. and Canada has increased up to 15%, according to a new report.
- A new study conducted by Comcast shows that SMEs are hit by cybersecurity attacks up to 3X more than large companies but are significantly underprepared and underfunded to handle them successfully.
- Researchers claim that Gen-Z and Millennial workers take cybersecurity less seriously on their work devices than they do on their personal devices, even though 83% of them understand the implications of bad security hygiene.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.