Hackers have reportedly stolen $300,000 from users of the popular betting app DraftKings. Credential stuffing is believed to have been used as a threat vector for the attack.

More:
- The statement confirms previous suspicions that the company had been breached after it launched an investigation yesterday.
- DraftKings stated that it believes its users were tricked into giving out their login details through a third party. The hackers then used those login credentials to steal funds from those accounts.
- The company believes that its own systems have not been breached, recommending its users change their passwords and use stronger passwords that contain a combination of letters, numbers, and symbols.
- Many users have complained on social media, claiming that they haven't been able to reach customer support and get help regarding their stolen funds.
- DraftKings' stock price dropped more than 10% today after reports of this breach were confirmed.
Zoom Out:
- Identity verification platform Okta claims that it intercepted over 10 billion credential-stuffing attempts during the first three months of 2022 alone, a sign that the threat vector is being used increasingly often.
- Only two days ago, ESPN reported on fraudulent accounts and significant amounts of money being withdrawn from the accounts of many sports betting apps.
A Google Chrome extension named "VenomSoftX" is being used to steal cryptocurrency from wallets and breach passwords. The malware has been tracked over 93,000 times so far in 2022.

More:
- The malware spreads mostly through Adobe Illustrator, Microsoft Office, and Corel Video Studio.
- Out of the 93,000 infection attempts, most targeted India, the United States, Italy, and Brazil.
- VenomSoftX overlaps with ViperSoftX, another malware that has been tracked for some time. VenomSoftX, however, provides full access to every page the victim visits, carries out man-in-the-browser attacks to swap wallet addresses, tampers with API requests and website visit history logs, etc.
- The main platforms that these two variants target are Blockchain.com, Binance, Coinbase, Gate.io, and Kucoin.
- The threat actors that are operating ViperSoftX and VenomSoftX have managed to steal around $130,421.56 in cryptocurrency without counting other wallets they may have.
Zoom Out:
- This is not the first time that hackers have used Chrome extensions as a threat vector. Google recently warned of a dangerous extension known as Cloud9, a malware reportedly used to steal money from bank accounts by gaining access to a user's login credentials.
Google is releasing a number of tools that aim to make Cobalt Strike more difficult for hackers to use. The tool has been used by nearly all hacker groups during the last decade to breach victims.

More:
- Cobalt Strike is a red-team (offensive) tool that was developed to help security researchers find security flaws. The tool has since become the go-to choice for hackers who use it as a point-and-click threat vector.
- Even though the software gets consistently upgraded by its vendor, hackers have managed to find flaws and abuse the tool.
- Because illegal versions of any software are not openly shared, fixing those flaws in future upgrades to the officially licensed version becomes even more difficult.
- The search giant has decided to open-source some of the YARA rules as a tool to fight the negative trend.
- A Cobalt Strike version is essentially made up of three components: stagers, templates, and beacons. Google claims that stagers and templates are more difficult for hackers to re-create, which is why the company created 165 signatures that will help it detect suspicious variants of the software.
- It is worth noting that these tools are effective against flaws found in the previous versions of Cobalt Strike but not for the latest one.
Zoom Out:
- Only two weeks ago, a threat actor tracked as OPERA1ER was reported to have stolen over $11M from 12 countries in Africa. The group uses Cobalt Strike as one of its frameworks of choice.
- A new China-based hacker group named Earth Longzhi was found to have hacked many Taiwanese institutions in the last two years, primarily using Cobalt Strike loaders.
- Russian hackers have used the tool as a way of launching hundreds of different campaigns against Ukraine, all of which have different goals. Z-Team, a known Russian hacker group, has created Somnia ransomware with the help of Cobalt Strike.
Palo Alto Networks has acquired Cider Security for $195M to boost its supply chain security product suite. The deal will be completed in an all-cash structure.

More:
- According to the company, security teams today struggle to follow the pace of developers who have access to tools that enable them to deploy code quickly. This trend may cause security flaws that lead to security breaches.
- Palo Alto Networks believes that by integrating its cloud-based code deployment platform Prisma with Cider Security's product, developers will have access to better security tools.
- The California-based company stated that the deal will close in Q2 2023.
- Cider Security was founded in 2020 and quickly managed to scale to 40+ employees. Cider offers its users a graph that shows a visualization of the attack surface, a tool that looks for the best scanners a company should use, and a CI/CD analysis system.
- The company is based in Tel Aviv, Israel.
Tehama County, California, has stated that hackers have managed to breach its security system. Affected information includes names, last names, addresses, birth dates, etc.

More:
- The threat actors responsible for this attack have not been tracked yet by researchers, while the County has not given any details regarding the origin of the hacking campaign.
- County authorities claim that the cyberattack happened between November 2021 and April 2022. The County launched an investigation in April that lasted until August 2022.
- According to the County's statement, there have not been any signs that this breach has been used for fraudulent activities yet, but it has taken steps such as strengthening its cyber defense to prevent similar cyberattacks from happening again.
- Those who had their Social Security numbers or driver's license numbers stolen are being offered additional identity theft protection services.
Zoom Out:
- In 2019, the cities of Lodi, California, and Lake City, Florida, were hacked.
- The hacking campaign locked up all of the payments that the city of Lodi owed and was owed.
- In Florida, the threat actor managed to disrupt navigation systems and transportation software, forcing the city to pay $460,000 in Bitcoin as ransom.
- Baltimore famously paid over $15M to hackers after being hit with the RobinHood ransomware, which left the city without access to email, voicemail, parking meter systems, utility billing, etc.
- The city of Torrance, California, was hit by a cyberattack in 2020, leaving the city unable to process any credit card payments.
Quick Hits:
- Ten individuals have been charged with running a hacking crime ring that was also involved in money laundering and fraud. The group caused $11M in damages.
- Cybersecurity spending by companies is expected to grow to $160B by 2023 and exceed $280B by 2026, according to a new report.
- A report shows that cybersecurity risks are the No. 1 cause for concern for the autonomous maritime industry.
- Silent Ransom Group is behind a new hacking campaign named "Luna Moth" that utilizes low-cost callback phishing attacks to breach companies by hacking their employees first.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.