Plus: Tribe Hackers cyber-attacking multiple education organizations in India

Researchers have tracked a hacking campaign spreading malware through breached websites and Chrome extensions. The campaign has been active since November 2022.

More:
- The infection chain starts by injecting malicious JavaScript code that activates scripts when a user visits the website.
- If a targeted visitor browses the site, the scripts will display a fake Google Chrome error screen that convinces users to launch a bogus update to improve their user experience.
- When activated, the script automatically downloads a ZIP file disguised as a Chrome update.
- This ZIP file contains a Monero miner that will use the infected device's CPU to mine the Monero cryptocurrency for the threat actors.

Hackers have stolen the personal Medicaid data of over 20,000 Iowa residents. According to reports, hackers stole data such as full names and Medicaid details.

More:
- The breach happened due to a contractor's computer systems being hacked in a cyberattack between June 30 and July 5, 2022.
- The contractor, Telligen, performs annual assessments for Medicaid members.
- Telligen subcontracted a percentage of its work to a company named Independent Living Systems. The latter was hacked, resulting in data theft.
- The Iowa Department of Health and Human Services claims that it has contacted authorities, including the FBI, to find the responsible actors and to ensure that similar security breaches do not happen again.
- Security researchers have criticized the fact that it took eight months to inform the victims about the breach.

WhatsApp has launched a new security feature that aims to help prevent account takeovers. This feature is officially called Device Verification.

More:
- Device Verification aims to block the threat actor's connection and allows the target to use the app without disruption.
- The feature creates a security token and stores it locally on the device. By doing so, the token can help identify the validity of a message retrieval request from a specific WhatsApp account.
- The client side is required to send the security token every time it connects to the server.
- On the other side, the security token is updated every time it retrieves a WhatsApp message.
- Device Verification is currently available for all Android users, while iOS users will be able to use the feature in the near future.

Pakistan-based hacker group Tribe Hackers is cyber-attacking multiple education organizations in India. The group is also known as APT36.

More:
- The group is using Crimson RAT to attack the organizations.
- This malware has the functionality to:
  - exfiltrate files and system data to an actor-controlled server,
  - capture screenshots,
  - terminate running processes,
  - log keystrokes,
  - and steal browser credentials.
- The main way APT36 infects victims in this campaign is by sending them malicious documents, which then deploy payloads if the user double-clicks on the file.
- To make the campaign more convincing, these documents usually state that the document content is locked and cannot be previewed.
- Once the users click the file, an OLE package executes the Crimson RAT. The latter is presented as a mere update.
- Transparent Tribe is believed to have been active since 2013.

Cerbos has raised a $7.5M Seed funding round to help companies establish user privileges more efficiently. Omers Ventures led the funding round, with participation from angel investors.

More:
- Cerbos aims to help companies establish user privileges more efficiently so that threat actors don't take advantage of network security missteps.
- According to the company, what separates its product from current solutions in the market is the fact that its product enables users to make changes in login privileges without having to access their source code files.
- The company has also added a code auditing assistant tool that helps developers find bugs in their code.
- Officials stated that this product is used to process tens of millions of authorization requests across hundreds of different networks globally.
- Cerbos says its platform is considerably faster and cheaper than current solutions in the market.
- The company is based in London, U.K.

Quick Hits:
- Multi-billion-dollar yacht manufacturer Lürssen was breached by a cyberattack on Easter weekend.
- The U.K.’s largest public companies have taken security measures that have helped lower the number of British companies that were breached via high-risk ports, according to a new report.
- Recent seizures of hacking forums that sell credit card data have affected the black market, resulting in a significant drop in credit card data theft.

Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.

767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2023 Inside.com