The U.S. government has seized seven domains that were used for 'romance hacking' scam campaigns. The hackers deploying this campaign managed to steal $10M.

More:
- In pig butchering schemes, scammers target victims on dating apps and social media websites. Then, they initiate relationships with them and gain their trust, convincing them to make investments using cryptocurrency.
- The hackers, believed to be located in Asia, reached out to their victims through communication apps such as Line and WeChat.
- In order to make the scam more believable, the threat actors created fake apps that falsely presented growth graphs and sent alerts to the targets that were meant to show them the real-time performance of their investments.
- After being convinced to send a relatively small amount of $400, the victims then sent $9.6M to a specific wallet address provided by the hackers. Whenever they tried to withdraw their funds, the victims were presented with numerous technical challenges and threatening messages.
- The seized domains were used to target five U.S. citizens during the May-August 2022 period.
- This case was carried out by the U.S. Attorney’s Office for the Eastern District of Virginia.

The London Metropolitan Police has arrested a hacker group that cost victims $121M in damages. This operation is the largest cyber-fraud case in the history of the U.K.

More:
- The hacker group created a website called 'iSpoof' that provided users with tools for running vishing campaigns. Users of the site used the tools to create fake pages and make phone calls that impersonated government agencies and banks.
- Once the victims entered their login credentials on these pages, hackers used the details to steal funds from victims' bank accounts.
- Over 10 million fraudulent calls were made using iSpoof in just 12 months, 3.5 million of which were made in the U.K. alone.
- The hackers managed to steal over $50M from 200,000 U.K. citizens.
- 142 people were arrested in a global operation conducted by the London Metropolitan Police, Europol, and law enforcement authorities in the U.S., Australia, Canada, etc.

A new variant of the Ransomexx ransomware has been written in Rust by Ransomexx's operators. The variant is being tracked as Ransomexx 2.

More:
- The Ransomexx gang was first tracked in 2018 but made headlines in 2020 when it managed to breach organizations such as Gigabyte and Starhub.
- Ransomexx is used as part of a multi-stage attack chain targeting various organizations. It is delivered as a secondary payload after a network is breached. The current Ransomexx variant only affects Linux systems, but a variant for Microsoft systems is likely to be deployed because Ransomexx's original variant targets them.
- Malware written in Rust has been proven to be more capable of escaping detection from anti-virus software. According to researchers, out of 60 anti-virus software programs, only 14 were able to detect Rust-written malware even after two weeks passed.
- Another fact that separates Rust from other languages is that its compilation process takes longer than that of other languages, making it more difficult for those who want to reverse engineer the infection chain.
- These features have resulted in Rust becoming one of the most widely used languages by threat actors recently, with other ransomware, such as Blackcat, Hive, Zeon, etc., also being rewritten in the language.

The global healthcare cybersecurity industry is expected to reach $30B by 2026, growing at a yearly rate of 17.8%. The war in Ukraine is considered to be the primary catalyst for the industry's current momentum.

More:
- The industry's 2022 valuation is $15.70B, a $2B+ increase from the market's value in 2021.
- Cybersecurity companies help protect healthcare organizations by offering both services and proprietary software products. These services and products aim to help them avoid DDoS attacks, identity theft, cloud security vulnerabilities, etc.
- In terms of verticals, public hospitals, biotechnology research companies, and medical device companies are the most targeted actors in the space.
- In 2020 alone, there were over 2.3k cyber-attacks targeting U.S. healthcare organizations and facilities, a figure that is expected to increase in the upcoming years due to the reliance that hospitals have on digitalization and cloud-stored patient data.

Zoom Out:
- Back in June 2022, the FBI reported that Iran-backed hackers attempted to breach a children's hospital in Boston with the hope of stopping the hospital from providing critical services to children who were diagnosed with severe diseases.

The number of cyberattacks against healthcare organizations is increasing as the holiday season approaches, according to a report. Hackers are likely to exploit the fact that most hospitals will operate with reduced staff.

More:
- The report, named 'Organizations at Risk 2022: Ransomware Attackers Don't Take Holidays', shows that 88% of cybersecurity professionals who work in large companies missed a holiday because their organization was cyberattacked during a holiday.
- Out of all the industries that were analyzed, healthcare organizations took the longest to restore their systems and patch their security flaws. It took most healthcare organizations 3-6 days to fix their security flaws after being attacked.
- The report was conducted by sampling companies and organizations located in the U.S., the U.K., Germany, France, Italy, United Arab Emirates, South Africa, and Singapore.

Quick Hits:
- Hackers may have been able to gain access to organizations' accounts by exploiting an AWS flaw that allows legitimate ARNs to be bypassed and have admin privileges transferred to accounts that were previously denied that access.
- Five security flaws tracked in the Mali GPU driver have not been patched yet. Arm, the company that manufactures the GPU, reportedly patched the flaws a few months ago but the changes have not affected devices yet.
- Bahamut, a hacker group that specializes in cyber espionage, is deploying a fake VPN app to breach its targets. The group is redirecting its targets toward a specific website where the app is hosted.
- Security research company Bitdefender has published a report which says that Sharkbot, a trojan used to steal money from victims' bank accounts, has re-appeared in the Play Store. This time, the trojan is being presented as a file manager app.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Gregory Bridgman is a writer and researcher with an academic background in politics and the philosophy of science and technology. He holds a BA from the University of Cape Town, an MS from University College London, and a Ph.D. from the University of Cambridge. He is interested in climate issues, technological changes, and the implications of the fourth industrial revolution. Please feel free to contact me at gregory@inside.com!